OVAL

asterisk: Multiple vulnerabilities (CVE-2018-19278, CVE-2019-7251, CVE-2019-12827, CVE-2019-13161, CVE-2019-15297, CVE-2019-15639)

ID: oval:org.secpod.oval:def:59760
Date: (C)2019-12-03   (M)2022-06-01
Class: PATCH
Family: unix




There is a buffer overflow vulnerability in the dns_srv and dns_naptr functions of Asterisk that allows an attacker to crash Asterisk via a specially crafted DNS SRV or NAPTR response. The attacker's request causes Asterisk to segfault and crash. When Asterisk makes an outgoing call, a very specific SDP protocol violation by the remote party can cause Asterisk to crash. A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash. This requires Asterisk to initiate a T.38 reinvite, which is only done when executing the ReceiveFax dialplan application or performing T.38 passthrough where a remote endpoint has requested T.38. When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a declined media stream, a crash will then occur in Asterisk.

Platform:
Alpine Linux 3.10
Alpine Linux 3.8
Alpine Linux 3.9
Alpine Linux 3.7
Product:
asterisk
Reference:
10790
CVE-2018-19278
CVE-2019-7251
CVE-2019-12827
CVE-2019-13161
CVE-2019-15297
CVE-2019-15639

© SecPod Technologies