AST-2012-010

If Asterisk sends a re-invite and an endpoint responds to the re-invite with a provisional response but never sends a final response, then the SIP dialog structure is never freed and the RTP ports for the call are never released. If an attacker has the ability to place a call, they could create a denial of service by using all available RTP ports.

References:
http://downloads.asterisk.org/pub/security/AST-2012-010.pdf
http://downloads.asterisk.org/pub/security/AST-2012-010.txt
http://downloads.asterisk.org/pub/security/AST-2012-010-10.diff
http://downloads.asterisk.org/pub/security/AST-2012-010-1.8.diff
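A defender-side check for the condition described above, as an added example that is not part of the original report or of Asterisk's code: it scans a SIP trace for re-INVITEs sent by the PBX that drew a provisional (1xx) response but no final response. The trace, the `msg` helper and the 180-second `max_wait` threshold are constructed assumptions for illustration.

```python
import re

def msg(start, call_id, cseq, to_tag=None):
    """Build a minimal constructed SIP message (only the headers this check reads)."""
    to = "<sip:user@example.test>" + (f";tag={to_tag}" if to_tag else "")
    return f"{start}\r\nCall-ID: {call_id}\r\nCSeq: {cseq} INVITE\r\nTo: {to}\r\n\r\n"

# Constructed trace: (seconds, direction, raw message). "out" = sent by the PBX.
SAMPLE = [
    (10, "out", msg("INVITE sip:a@192.0.2.10 SIP/2.0", "c1", 102, "a1")),   # re-INVITE
    (10, "in", msg("SIP/2.0 100 Trying", "c1", 102, "a1")),
    (11, "in", msg("SIP/2.0 200 OK", "c1", 102, "a1")),                     # completed
    (20, "out", msg("INVITE sip:b@192.0.2.11 SIP/2.0", "c2", 103, "b1")),   # re-INVITE
    (21, "in", msg("SIP/2.0 180 Ringing", "c2", 103, "b1")),                # never finalized
    (30, "out", msg("INVITE sip:c@192.0.2.12 SIP/2.0", "c3", 1)),           # initial INVITE
    (31, "in", msg("SIP/2.0 180 Ringing", "c3", 1, "c9")),
    (290, "out", msg("INVITE sip:d@192.0.2.13 SIP/2.0", "c4", 7, "d1")),    # recent re-INVITE
    (290, "in", msg("SIP/2.0 100 Trying", "c4", 7, "d1")),
]

def parse(raw):
    """Return (start_line, {lowercased header name: value})."""
    start, *lines = raw.strip().splitlines()
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return start, headers

def stalled_reinvites(events, now, max_wait=180):
    """Call-IDs whose outbound re-INVITE got a 1xx but no final response
    within max_wait seconds (threshold is an assumption, tune per site)."""
    pending = {}  # (call_id, cseq_number) -> [sent_at, provisional_seen]
    for ts, direction, raw in events:
        start, h = parse(raw)
        cseq_num, _, cseq_method = h.get("cseq", "").partition(" ")
        key = (h.get("call-id"), cseq_num)
        if direction == "out" and start.startswith("INVITE ") and "tag=" in h.get("to", ""):
            pending[key] = [ts, False]      # INVITE with a To tag is in-dialog: a re-INVITE
        elif direction == "in" and cseq_method == "INVITE" and key in pending:
            status = re.match(r"SIP/2\.0 (\d{3})", start)
            if status and status.group(1).startswith("1"):
                pending[key][1] = True      # provisional only; transaction still open
            elif status:
                del pending[key]            # 2xx-6xx final response closes it
    return sorted(k[0] for k, (sent, prov) in pending.items()
                  if prov and now - sent >= max_wait)

if __name__ == "__main__":
    print(stalled_reinvites(SAMPLE, now=300))
```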
Created asterisk tracking bugs for this issue

Affects: fedora-17 [bug 838180]
Affects: fedora-16 [bug 838181]
Affects: epel-6 [bug 838182]
Upstream ticket: https://issues.asterisk.org/jira/browse/ASTERISK-19992
asterisk-10.5.2-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
asterisk-1.8.18.0-1.el6 has been pushed to the Epel 6 repository. If problems still persist, please make note of it in this bug report.
asterisk-1.8.18.0-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.