Tag : Mark Michelson

AST-2017-003: Crash In PJSIP Multi-part Body Parser

Posted May 19, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Project Security Advisory, Mark Michelson, PJSIP, Product Release, Sandro Gauci

Asterisk Project Security Advisory – AST-2017-003 ProductAsterisk SummaryCrash in PJSIP multi-part body parser Nature of AdvisoryRemote CrashSusceptibilityRemote Unauthenticated Sessions Severity CriticalExploits KnownNo Reported On13 April, 2017 Repor..

Read more

AST-2017-002: Buffer Overrun In PJSIP Transaction Layer

Posted May 19, 2017 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Project Security Advisory, Mark Michelson, Product Release, Sandro Gauci

Asterisk Project Security Advisory – AST-2017-002 ProductAsterisk SummaryBuffer Overrun in PJSIP transaction layer Nature of AdvisoryBuffer Overrun/CrashSusceptibilityRemote Unauthenticated Sessions Severity CriticalExploits KnownNo Reported On12 Apr..

Read more

Coming To AstriCon? Check Out These Presentations By Asterisk Team Members

Posted September 23, 2016 by Asterisk Development & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Development Team, Asterisk PJSIP channel, George Joseph, Mark Michelson, Scott Griepentrog

Check out these 4 presentations by members of the Asterisk Development Team:*Deploying Digium Phones the easy way with DPMA*How to configure and manage your phones over a variety of networks, protocols and distributions. Tuesday 5:00PMPresented by: Sc..

Read more

AST-2016-004: Long Contact URIs In REGISTER Requests Can Crash Asterisk

Posted April 14, 2016 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Project Security Advisory, Mark Michelson, Product Release

Asterisk Project Security Advisory – AST-2016-004 ProductAsterisk SummaryLong Contact URIs in REGISTER requests can crashAsteriskNature of AdvisoryRemote CrashSusceptibilityRemote Authenticated Sessions Severity Major Exploits KnownNo Reported OnJanu..

Read more

AST-2015-002: Mitigation For LibcURL HTTP Request Injection Vulnerability

Posted January 28, 2015 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Project Security Advisory, Mark Michelson

Asterisk Project Security Advisory – AST-2015-002 ProductAsterisk SummaryMitigation for libcURL HTTP request injection vulnerability Nature of AdvisoryHTTP request injectionSusceptibilityRemote Authenticated Sessions Severity Major Exploits KnownNo Repor..

Read more

AST-2015-001: File Descriptor Leak When Incompatible Codecs Are Offered

Posted January 28, 2015 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: asterisk, Asterisk Project Security Advisory, Mark Michelson

Asterisk Project Security Advisory – AST-2015-001 ProductAsterisk SummaryFile descriptor leak when incompatible codecs are offered Nature of AdvisoryResource exhaustion SusceptibilityRemote Authenticated Sessions Severity Major Exploits KnownNo Repor..

Read more

AST-2014-012: Mixed IP Address Families In Access Control Lists May Permit Unwanted Traffic.

Posted November 20, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: address family, Advisory Unauthorized Access, asterisk, Asterisk Project Security Advisory, incoming packet, ip address, Mark Michelson

Asterisk Project Security Advisory – AST-2014-012 ProductAsterisk SummaryMixed IP address families in access control lists may permit unwanted traffic.Nature of AdvisoryUnauthorized Access SusceptibilityRemote unauthenticated sessions Severity ModerateExplo..

Read more

AST-2014-009: Remote Crash Based On Malformed SIP Subscription Requests

Posted September 18, 2014 by Asterisk Security & filed under Asterisk Users Comments: 0.

Tags: Advisory Contact Mark Michelson, asterisk, Asterisk Project Security Advisory, Certified Asterisk, Mark Michelson, Product Release Asterisk, Product Release Series Asterisk, Product Asterisk

Asterisk Project Security Advisory – AST-2014-009 ProductAsterisk SummaryRemote crash based on malformed SIP subscriptionrequestsNature of AdvisoryRemotely triggered crash of AsteriskSusceptibilityRemote authenticated sessions Severity Major Explo..

Read more