Tag : Asterisk Project Security Advisory

AST-2014-010: Remote Crash When Handling Out Of Call Message In Certain Dialplan Configurations

Posted September 18, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Contact Matt Jordan, asterisk, Asterisk Project Security Advisory, Certified Asterisk, channel driver, Philippe Lindheimer, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk, security advisory

Asterisk Project Security Advisory – AST-2014-010 ProductAsterisk SummaryRemote crash when handling out of call message in certain dialplan configurations Nature of AdvisoryRemotely triggered crash of AsteriskSusceptibilityRemote authenticated sessi..

Read more

AST-2014-009: Remote Crash Based On Malformed SIP Subscription Requests

Posted September 18, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Contact Mark Michelson, asterisk, Asterisk Project Security Advisory, Certified Asterisk, Mark Michelson, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk

Asterisk Project Security Advisory – AST-2014-009 ProductAsterisk SummaryRemote crash based on malformed SIP subscriptionrequestsNature of AdvisoryRemotely triggered crash of AsteriskSusceptibilityRemote authenticated sessions Severity Major Explo..

Read more

AST-2014-004: Remote Crash Vulnerability In PJSIP Channel Driver Subscription Handling

Posted March 10, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Contact Matt Jordan, asterisk, Asterisk Project Security Advisory, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk

Asterisk Project Security Advisory – AST-2014-004 ProductAsterisk SummaryRemote Crash Vulnerability in PJSIP Channel DriverSubscription Handling Nature of AdvisoryDenial of Service SusceptibilityRemote Authenticated Sessions Severity ModerateExplo..

Read more

AST-2014-003: Remote Crash Vulnerability In PJSIP Channel Driver

Posted March 10, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Denial of Service Susceptibility, Advisory Contact Joshua Colp, asterisk, Asterisk Project Security Advisory, Joshua Colp, PJSIP, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk

Asterisk Project Security Advisory – AST-2014-003ProductAsterisk SummaryRemote Crash Vulnerability in PJSIP channel driver Nature of Advisory Denial of ServiceSusceptibility Remote Unauthenticated Sessions SeverityModerate Exploits Known No Repor..

Read more

AST-2014-002: Denial Of Service Through File Descriptor Exhaustion With Chan_sip Session-Timers

Posted March 10, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Contact Kinsey Moore, asterisk, Asterisk Project Security Advisory, Certified Asterisk, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk

Asterisk Project Security Advisory – AST-2014-002 ProductAsterisk SummaryDenial of Service Through File Descriptor Exhaustionwith chan_sip Session-TimersNature of AdvisoryDenial of Service SusceptibilityRemote Authenticated or Anonymous Sessions Sever..

Read more

AST-2014-001: Stack Overflow In HTTP Processing Of Cookie Headers.

Posted March 10, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Contact Richard Mudgett, asterisk, Asterisk Project Security Advisory, Certified Asterisk, Lucas Molas, Manuel Sadosky, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk, Richard Mudgett Initial Revision

Asterisk Project Security Advisory – AST-2014-001 ProductAsterisk SummaryStack Overflow in HTTP Processing of Cookie Headers.Nature of AdvisoryDenial Of Service SusceptibilityRemote Unauthenticated Sessions Severity ModerateExploits KnownNo Repor..

Read more