Problem with blank/empty voicemails

Report
Question

Hi,
I hope for a hint on this issue. I had a voicemail running on ast release 1.6.2 latest which i upgraded
to 1.8.11 latest release.
during this process I did add a couple of fields like minsecs and maxsecs. I do now get empty emails where the attached voicefile only contains the
voice header,
the message length written in the email is ok.
If I go to the voicemailbox during the recording then I can se the files
grow to the filesize i would expect, looks like everything is ok until then.…

Asterisk Users 3.4 years ago 0 Answers

Grandstream 1.0.3.30 BETA Firmware

Report
Question

If you are using Grandstream GXP 21XXX and 14XX phones and you are doing
any kind of remote firmware updates or config updates DO NOT use the
1.0.3.30 BETA version. We have found a bug in it that causes HTTP updates
to not work if you are using a domain name and not an IP address for
pulling configs and firmware. It can put you in a state where you can't
update the configs or firmware without direct web or telnet contact to the
phone. Thanks Bryant

Asterisk Users 3.4 years ago 0 Answers

Remote Crash Vulnerability in SIP Channel Driver

Report
Question

Asterisk Project Security Advisory - AST-2012-006 Product Asterisk
Summary Remote Crash Vulnerability in SIP Channel Driver
Nature of Advisory Remote Crash
Susceptibility Remote Authenticated Sessions
Severity Moderate
Exploits Known No
Reported On April 16, 2012
Reported By Thomas Arimont
Posted On April 23, 2012
Last Updated On April 23, 2012
Advisory Contact Matt Jordan < mjordan AT digium DOT com >
CVE Name Description A remotely exploitable crash vulnerability exists in the
SIP channel driver if a SIP UPDATE request is processed
within a particular window of…

Asterisk Users 3.4 years ago 0 Answers

Heap Buffer Overflow in Skinny Channel Driver

Report
Question

In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun. Now, the length of the buffer is now checked before appending a value to the end of the buffer. Affected Versions:

  • Product Release Series
  • Asterisk Open Source 1.6.2.x All Versions
  • Asterisk Open Source 1.8.x All Versions
  • Asterisk Open Source 10.x All Versions
Corrected In Product Release:

Asterisk Manager User Unauthorized Shell Access

Report
Question

A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any…

VoIP News 3.4 years ago 0 Answers

HELP!! Caller ID "unknown" for all inbound call (Satria Anamarta)

Report
Question

Hi Anam It seem should be work, but I just have a question about chan_dahdi.conf regardless to parameter
rxwink=300 ; Atlas seems to use long (250ms) winks
By the way gain parameters shouldn´t have any effect to CID signal processing, how about to comment, and test again, if still without working try to connect parallel phone with Asterisk it will check if could be a hardware problem or configuration parameter setting Good luck
Mc GRATH Ricardo
E-Mail mcgrathr@mail2web.com

Asterisk Users 3.4 years ago 1 Answer