Asterisk Project Security Advisory – Host access rules using permit= and deny= configurations behave unpredictably if the CIDR notation /0 is used. Depending on the system’s behavior, this may act as desired, but in other cases it might not, thereby allowing access from hosts that should be denied.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/86730/AST-2010-003.txt
Source: https://packetstormsecurity.com/files/86730/Asterisk-Project-Security-Advisory-AST-2010-003.html