Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2005-3559 CVE-2006-1827 BugTraq ID : 15336 Debian Bug : 338116
Several problems have been discovered in Asterisk, an Open Source Private Branch Exchange (telephone control center). The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2005-3559
Adam Pointon discovered that due to missing input sanitising it is
possible to retrieve recorded phone messages for a different
extension.
CVE-2006-1827
Emmanouel Kellinis discovered an integer signedness error that
could trigger a buffer overflow and hence allow the execution of
arbitrary code.
0.1.11-3woody11:1.0.7.dfsg.1-2sarge2