Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Asterisk | Digium | 1.0.0 (including) | 1.0.0 (including) |
| Asterisk | Digium | 1.0.1 (including) | 1.0.1 (including) |
| Asterisk | Digium | 1.0.2 (including) | 1.0.2 (including) |
| Asterisk | Digium | 1.0.3 (including) | 1.0.3 (including) |
| Asterisk | Digium | 1.0.4 (including) | 1.0.4 (including) |
| Asterisk | Digium | 1.0.5 (including) | 1.0.5 (including) |
| Asterisk | Digium | 1.0.6 (including) | 1.0.6 (including) |
| Asterisk | Digium | 1.0.7 (including) | 1.0.7 (including) |
| Asterisk | Digium | 1.0.8 (including) | 1.0.8 (including) |
| Asterisk | Digium | 1.0.9 (including) | 1.0.9 (including) |
| Asterisk | Digium | 1.0.10 (including) | 1.0.10 (including) |
| Asterisk | Digium | 1.0_rc1 (including) | 1.0_rc1 (including) |
| Asterisk | Digium | 1.0_rc2 (including) | 1.0_rc2 (including) |
| Asterisk | Digium | 1.2.0_beta1 (including) | 1.2.0_beta1 (including) |
| Asterisk | Digium | 1.2.0_beta2 (including) | 1.2.0_beta2 (including) |
| Asterisk | Digium | 1.2.6 (including) | 1.2.6 (including) |
| Asterisk | Digium | 1.2.7 (including) | 1.2.7 (including) |
| Asterisk | Digium | 1.2.8 (including) | 1.2.8 (including) |
| Asterisk | Digium | 1.2.9 (including) | 1.2.9 (including) |
| Asterisk | Digium | 1.2.10 (including) | 1.2.10 (including) |
| Asterisk | Ubuntu | dapper | * |
| Asterisk | Ubuntu | devel | * |
| Asterisk | Ubuntu | edgy | * |
| Asterisk | Ubuntu | feisty | * |
| Asterisk | Ubuntu | gutsy | * |
| Asterisk | Ubuntu | hardy | * |
| Asterisk | Ubuntu | intrepid | * |
| Asterisk | Ubuntu | jaunty | * |
| Asterisk | Ubuntu | karmic | * |
| Asterisk | Ubuntu | upstream | * |