Author : Asterisk Security

AST-2019-001: Remote Crash Vulnerability With SDP Protocol Violation

Posted February 28, 2019 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2019-001 ProductAsterisk SummaryRemote crash vulnerability with SDP protocol violation Nature of AdvisoryDenial Of Service SusceptibilityRemote Authenticated Sessions Severity Low Exploits KnownNo Reported OnJanu..

Read more

AST-2018-008: PJSIP Endpoint Presence Disclosure When Using ACL

Posted June 11, 2018 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2018-008 ProductAsterisk SummaryPJSIP endpoint presence disclosure when using ACL Nature of AdvisoryUnauthorized data disclosure SusceptibilityRemote Unauthenticated Sessions Severity Minor Exploits KnownNo Repor..

Read more

AST-2018-007: Infinite Loop When Reading Iostreams

Posted June 11, 2018 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2018-007 ProductAsterisk SummaryInfinite loop when reading iostreams Nature of AdvisoryDenial of Service SusceptibilityRemote Authenticated Sessions Severity Critical Exploits KnownNo Reported OnApril 16, 2..

Read more

AST-2018-003: Crash With An Invalid SDP Fmtp Attribute

Posted February 21, 2018 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2018-003 ProductAsterisk SummaryCrash with an invalid SDP fmtp attributeNature of AdvisoryRemote crashSusceptibilityRemote Authenticated Sessions Severity Minor Exploits KnownNo Reported OnJanuary 15, 2018 Repor..

Read more

AST-2018-002: Crash When Given An Invalid SDP Media Format Description

Posted February 21, 2018 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Project Security Advisory, format description, invalid media format, Kevin Harwell, Product Release, Sandro Gauci

Asterisk Project Security Advisory – AST-2018-002 ProductAsterisk SummaryCrash when given an invalid SDP media formatdescription Nature of AdvisoryRemote crashSusceptibilityRemote Authenticated Sessions Severity Minor Exploits KnownNo Reported OnJanu..

Read more

AST-2017-014: Crash In PJSIP Resource When Missing A Contact Header

Posted December 22, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2017-014 ProductAsterisk SummaryCrash in PJSIP resource when missing a contactheaderNature of AdvisoryRemote CrashSusceptibilityRemote Unauthenticated Sessions Severity ModerateExploits KnownNo Reported OnDecem..

Read more

:

Posted December 1, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Development Team, Certified Asterisk, current releases, Releases, security advisories, security releases, security vulnerabilities

The Asterisk Development Team has announced security releases for Certified Asterisk 13.13 and Asterisk 13, 14 and 15.The available security releases are released as versions 13.13-cert8, 13.18.3,14.7.3 and 15.1.3.These releases are available for immedi..

Read more

AST-2017-011: Memory Leak In Pjsip Session Resource

Posted November 8, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2017-011 ProductAsterisk SummaryMemory leak in pjsip session resource Nature of AdvisoryMemory leak SusceptibilityRemote Sessions Severity Minor Exploits KnownNo Reported OnOctober 15, 2017 Reported ByCorrey FarrellPos..

Read more

AST-2017-007: Remote Crash Vulerability In Res_pjsip

Posted August 31, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Denial of Service Susceptibility, asterisk, Asterisk Project Security Advisory, George Joseph, Product Release

Asterisk Project Security Advisory – AST-2017-007 ProductAsterisk SummaryRemote Crash Vulerability in res_pjsipNature of AdvisoryDenial of Service SusceptibilityRemote Unauthenticated Sessions Severity ModerateExploits KnownNo Reported OnAugust 30, 2..

Read more

AST-2017-005: Media Takeover In RTP Stack

Posted August 31, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Asterisk Project Security Advisory – AST-2017-005 ProductAsterisk SummaryMedia takeover in RTP stack Nature of AdvisoryUnauthorized data disclosureSusceptibilityRemote Unauthenticated Sessions Severity CriticalExploits KnownNo Reported OnMay 17, 2..

Read more