Asterisk Project Security Advisory – AST-2012-006 Product Asterisk Summary Remote Crash Vulnerability in SIP Channel Driver Nature of Advisory Remote Crash Susceptibility Remote Authenticated Sessions SeverityModerate Exploits Known No Reported On Ap..
In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked,..
Asterisk Project Security Advisory – AST-2012-001 +————————————————————————+ | Product| Asterisk| |———————-+————————————————-| | Summary| SRTP Video Rem..
Asterisk Project Security Advisory – AST-2011-014Summary: Remote crash possibility with SIP and the automonDescription: When the automon feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Aster..
Asterisk Project Security Advisory – AST-2011-011 +————————————————————————+ |Product | Asterisk| |——————–+—————————————————| |Summary | Possible enumerat..
Asterisk Project Security Advisory – AST-2011-005 Product Asterisk Summary File Descriptor Resource Exhaustion Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated TCP Based Sessions (TCP SIP, Skinny, Asterisk Manager Interfa..
Asterisk Project Security Advisory – AST-2011-002 Product Asterisk Summary Multiple array overflow and crash vulnerabilities in UDPTL code Nature of Advisory Exploitable Stack and Heap Array Overflows Susceptibility Remote Unauthenticated Sessions SeverityCriti..
On Tue, 18 Jan 2011, Asterisk Security Team wrote: > Asterisk Project Security Advisory – AST-2011-001 > > ProductAsterisk > SummaryStack buffer overflow in SIP channel driver >Nature of AdvisoryExploitable Stack Buffer Overflow >SusceptibilityRem..