Common Vulnerabilities and Exposures assigned an identifier CVE-2008-1332 to the following vulnerability:
Asterisk Project Security Advisory - AST-2008-003
Unauthenticated calls can be made via the SIP channel driver using an invalid
From header. This acts similarly to the SIP configuration option
'allowguest=yes', in that calls with a specially crafted From header would be
sent to the PBX in the context specified in the general section of sip.conf.
asterisk-126.96.36.199-1.fc8 has been submitted as an update for Fedora 8
asterisk-188.8.131.52-1.fc7 has been submitted as an update for Fedora 7
asterisk-184.108.40.206-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-220.127.116.11-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: