Receiving And Processing Unsolicited XMPP Messages With Asterisk 11

Report
Question

I'm trying to set up a way that our users can send an XMPP message to Asterisk (unsolicited) to request information, such as voicemail status or the like. No matter what I set for the dialplan, I'm only seeing Asterisk execute the s,1 priority in the context defined in xmpp.conf for incoming messages, and then the "call" hangs up without executing further instructions. Anything I've tried to accomplish in that first priority has worked, but it never continues to an additional priority.

Debug output looks like: [Aug 31 14:41:15] DEBUG[6964]: res_xmpp.c:2988 xmpp_pak_message: XMPP client 'testaccount' received a message [Aug 31 14:41:15]…

Asterisk Users 3.1 years ago 3 Answers

Question About Cli

Report
Question

Hello guys, i would like to ask a question about cli.

Today, while i was using the cli, i thinked that there could be more features. IMHO, might be interesting, for example, to add a sip extensions from cli, or other similar functions, without having to modify the configuration files.

Or not? What do you think?

Regards

Asterisk Users 3.1 years ago 2 Answers

Automatic ODBC Reconnect?

Report
Question

I recently rebooted by Asterisk server, MySQL (via ODBC) is also installed on the same machine. After rebooting, Asterisk didn't connect via ODBC, I assume that MySQL wasn't yet running when Asterisk tried to connect. So, how to tell Asterisk to automatically retry to connect via ODBC on failures? And is there a way to start MySQL before Asterisk? Thanks :-)

Asterisk Users 3.1 years ago 10 Answers

AST-2012-013: ACL Rules Ignored When Placing Outbound Calls By Certain IAX2 Users

Report
Question

Asterisk Project Security Advisory - AST-2012-013

Product Asterisk Summary ACL rules ignored when placing outbound calls by certain IAX2 users Nature of Advisory Unauthorized use of system Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known None Reported On 07/27/2012 Reported By Alan Frisch Posted On 08/30/2012 Last Updated On August 30, 2012 Advisory Contact Matt Jordan < mjordan AT digium DOT com > CVE Name CVE-2012-4737

Description When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the…

Asterisk Users 3.1 years ago 0 Answers

AST-2012-012: Asterisk Manager User Unauthorized Shell Access

Report
Question

Asterisk Project Security Advisory - AST-2012-012

Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On July 13, 2012 Reported By Zubair Ashraf of IBM X-Force Research Posted On August 30, 2012 Last Updated On August 30, 2012 Advisory Contact Matt Jordan < mjordan AT digium DOT com > CVE Name CVE-2012-2186

Description The AMI Originate action can allow a remote user to specify information that can be used to execute shell commands on the system hosting Asterisk. This can result in an unwanted…

Asterisk Users 3.1 years ago 0 Answers

Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, 10.7.1-digiumphones Now Available (Security Release)

Report
Question

The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are released as versions 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones.

These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, and 10.7.1-digiumphones resolve the following two issues:

* A permission escalation vulnerability in Asterisk Manager Interface. This would potentially allow remote authenticated users the ability to execute commands on the system shell with the privileges of the user running the Asterisk application. Please note that the README-SERIOUSLY.bestpractices.txt file delivered with Asterisk has been updated due to this…

Asterisk Users 3.1 years ago 0 Answers