If a single voicemail account is manipulated by two parties simultaneously, a condition can occur where memory is freed twice causing a crash.Management of the memory in question has been reworked so that double frees and out of bounds array acc..
A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorizati..
The Asterisk Development Team has announced security releases for Asterisk 1.8 and 10. The available security releases are released as versions 188.8.131.52 and 10.0.1.Please note that the security vulnerability in Asterisk 1.8 and 10 does not exist for Aster..
Asterisk Project Security Advisory – AST-2012-001 +————————————————————————+ | Product| Asterisk| |———————-+————————————————-| | Summary| SRTP Video Rem..
Any suggestions from people who have done this before? Thanks, – Doug Mortensen Network Consultant Impala Networks Inc CCNA, MCSA, Security+, A+ Linux+, Network+, Server+ A.A.S. Information Technology . www.impalanetworks.com P: (505) 327-7300 F: (5..
The Asterisk Development Team has announced security releases for Asterisk 1.4, 1.6.2 and 1.8. The available security releases are released as versions 1.4.43, 184.108.40.206 and 220.127.116.11.These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases..
Asterisk Project Security Advisory – AST-2011-014Summary: Remote crash possibility with SIP and the automonDescription: When the automon feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Aster..
The Asterisk Development Team has announced security releases for Asterisk 1.4, 1.6.2 and 1.8. The available security releases are released as versions 1.4.43, 18.104.22.168 and 22.214.171.124. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/relea..
Asterisk Project Security Advisory – AST-2011-013 ProductAsterisk SummaryPossible remote enumeration of SIP endpoints with differing NAT settings Nature of AdvisoryUnauthorized data disclosure SusceptibilityRemote unauthenticated sessions Severity Mi..