Tag : project security

Home » Posts tagged project security"


In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked,..

Read more

Asterisk Project Security Advisory – AST-2011-014Summary:      Remote crash possibility with SIP and the automonDescription:  When the automon feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Aster..

Read more

Asterisk Project Security Advisory – AST-2011-005 Product Asterisk Summary File Descriptor Resource Exhaustion Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated TCP Based Sessions (TCP SIP, Skinny, Asterisk Manager Interfa..

Read more

Asterisk Project Security Advisory – AST-2011-002 Product Asterisk Summary Multiple array overflow and crash vulnerabilities in UDPTL code Nature of Advisory Exploitable Stack and Heap Array Overflows Susceptibility Remote Unauthenticated Sessions SeverityCriti..

Read more

On Tue, 18 Jan 2011, Asterisk Security Team wrote: > Asterisk Project Security Advisory – AST-2011-001 > > ProductAsterisk > SummaryStack buffer overflow in SIP channel driver >Nature of AdvisoryExploitable Stack Buffer Overflow >SusceptibilityRem..

Read more