Richard Mudgett
authored
Sending a HTTP request that is handled by Asterisk with a large number of Cookie headers could overflow the stack. Another vulnerability along similar lines is any HTTP request with a ridiculous number of headers in the request could exhaust system memory. (closes issue ASTERISK-23340) Reported by: Lucas Molas, researcher at Programa STIC, Fundacion; and Dr. Manuel Sadosky, Buenos Aires, Argentina ........ Merged revisions 410380 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 410381 from http://svn.asterisk.org/svn/asterisk/branches/11 ........ Merged revisions 410383 from http://svn.asterisk.org/svn/asterisk/branches/12 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@410395 65c4cc65-6c06-0410-ace0-fbb531ad65f3