I'm trying to set up a way that our users can send an XMPP message to Asterisk (unsolicited) to request information, such as voicemail status or the like. No matter what I set for the dialplan, I'm only seeing Asterisk execute the s,1 priority in the context defined in xmpp.conf for incoming messages, and then the "call" hangs up without executing further instructions. Anything I've tried to accomplish in that first priority has worked, but it never continues to an additional priority.
Debug output looks like: [Aug 31 14:41:15] DEBUG: res_xmpp.c:2988 xmpp_pak_message: XMPP client 'testaccount' received a message [Aug 31 14:41:15]…
I am trying to use Asterisk Manager API query data from realtime. From Asterisk CLI, we could use realtime load
Column Name Column Value -------------------- -------------------- id 1 mykey content myvalue value
I am wondering how I could make this type of query from Manager API.
Thanks for your time in advance.
Hello guys, i would like to ask a question about cli.
Today, while i was using the cli, i thinked that there could be more features. IMHO, might be interesting, for example, to add a sip extensions from cli, or other similar functions, without having to modify the configuration files.
Or not? What do you think?
I recently rebooted by Asterisk server, MySQL (via ODBC) is also installed on the same machine. After rebooting, Asterisk didn't connect via ODBC, I assume that MySQL wasn't yet running when Asterisk tried to connect. So, how to tell Asterisk to automatically retry to connect via ODBC on failures? And is there a way to start MySQL before Asterisk? Thanks :-)
Asterisk Project Security Advisory - AST-2012-013
Product Asterisk Summary ACL rules ignored when placing outbound calls by certain IAX2 users Nature of Advisory Unauthorized use of system Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known None Reported On 07/27/2012 Reported By Alan Frisch Posted On 08/30/2012 Last Updated On August 30, 2012 Advisory Contact Matt Jordan < mjordan AT digium DOT com > CVE Name CVE-2012-4737
Description When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the…
Asterisk Project Security Advisory - AST-2012-012
Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On July 13, 2012 Reported By Zubair Ashraf of IBM X-Force Research Posted On August 30, 2012 Last Updated On August 30, 2012 Advisory Contact Matt Jordan < mjordan AT digium DOT com > CVE Name CVE-2012-2186
Description The AMI Originate action can allow a remote user to specify information that can be used to execute shell commands on the system hosting Asterisk. This can result in an unwanted…
The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are released as versions 1.8.11-cert7, 18.104.22.168, 10.7.1, and 10.7.1-digiumphones.
These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of Asterisk 1.8.11-cert7, 22.214.171.124, 10.7.1, and 10.7.1-digiumphones resolve the following two issues:
* A permission escalation vulnerability in Asterisk Manager Interface. This would potentially allow remote authenticated users the ability to execute commands on the system shell with the privileges of the user running the Asterisk application. Please note that the README-SERIOUSLY.bestpractices.txt file delivered with Asterisk has been updated due to this…