Topic: T.38 Remote Crash Vulnerability
eeman

Wed, 02/03/2010 - 12:40 | T.38 Remote Crash Vulnerability

An attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by
modifying the FaxMaxDatagram field of the SDP to contain either a negative or
exceptionally large value. The same crash occurs when the FaxMaxDatagram
field is omitted from the SDP as well.

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

This is one of the many reasons (apart from telemarketing spammers) that I always recommend people set allowguest=no in the general section of their sip.conf. Someone has to proxy authenticate in order to cause grief when set. In that case you either know the attacker or change the password on the compromised account.
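A defender-side check for the condition the advisory describes, as an added example that is not part of the original post or of Asterisk: it scans SDP bodies (for instance, pulled from SIP logs) for T.38 offers whose `T38FaxMaxDatagram` attribute is missing, negative or very large. The 1400-byte ceiling, the function names and the sample SDP are assumptions constructed for illustration.

```python
import re

# Assumed ceiling: the advisory only says "exceptionally large".
MAX_SANE_DATAGRAM = 1400

def t38_sections(sdp):
    """Yield the attribute lines of each 'm=image <port> udptl t38' section."""
    current = None
    for line in sdp.replace("\r\n", "\n").split("\n"):
        line = line.strip()
        if line.startswith("m="):
            if current is not None:
                yield current
            f = line[2:].split()
            is_t38 = len(f) >= 4 and f[0] == "image" and f[3].lower() == "t38"
            current = [] if is_t38 else None
        elif current is not None and line.startswith("a="):
            current.append(line[2:])
    if current is not None:
        yield current

def check_sdp(sdp, max_sane=MAX_SANE_DATAGRAM):
    """Return one finding per suspicious T38FaxMaxDatagram; [] means clean."""
    findings = []
    for attrs in t38_sections(sdp):
        values = [a.split(":", 1)[1].strip() for a in attrs
                  if a.lower().startswith("t38faxmaxdatagram:")]
        if not values:
            findings.append("missing")
        for raw in values:
            if not re.fullmatch(r"[+-]?\d+", raw):
                findings.append("malformed")
            elif int(raw) < 0:
                findings.append("negative")
            elif int(raw) > max_sane:
                findings.append("oversized")
    return findings

# Constructed sample offer (documentation address, not captured traffic).
BASE = ("v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\nc=IN IP4 192.0.2.10\r\n"
        "t=0 0\r\nm=image 4000 udptl t38\r\na=T38FaxVersion:0\r\n")

if __name__ == "__main__":
    for label, extra in [("normal", "a=T38FaxMaxDatagram:400\r\n"),
                         ("negative", "a=T38FaxMaxDatagram:-1\r\n"),
                         ("huge", "a=T38FaxMaxDatagram:2147483647\r\n"),
                         ("omitted", "")]:
        print(label, check_sdp(BASE + extra))
```

A non-empty result on traffic from an unauthenticated source is worth correlating with Asterisk restarts on unpatched systems.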