The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://downloads.asterisk.org/pub/security/AST-2011-005.pdf http://downloads.asterisk.org/pub/security/AST-2011-006.pdf http://www.vuxml.org/freebsd/3c7d565a-6c64-11e0-813a-6c626dd55a41.html

The following packages are affected: asterisk14 asterisk16 asterisk18 CVE-2011-1507 Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections.