Messages by Thread
-
[asterisk-security] CORRECTED asterisk release 21.0.1
Asterisk Development Team
-
[asterisk-security] CORRECTED asterisk release certified-18.9-cert6
Asterisk Development Team
-
[asterisk-security] Asterisk 16.29.1, 18.15.1, 19.7.1, 20.0.1 Now Available
Asterisk Development Team
-
[asterisk-security] AST-2022-002: res_stir_shaken: SSRF vulnerability with Identity header
PARIBET
-
[asterisk-security] AST-2022-001: res_stir_shaken: resource exhaustion with large files
PARIBET
-
[asterisk-security] AST-2022-003: func_odbc: Possible SQL Injection
Asterisk Security Team
-
[asterisk-security] AST-2022-002: res_stir_shaken: SSRF vulnerability with Identity header
Asterisk Security Team
-
[asterisk-security] AST-2022-001: res_stir_shaken: resource exhaustion with large files
Asterisk Security Team
-
[asterisk-security] AST-2022-006: pjproject: unconstrained malformed multipart SIP message
Asterisk Security Team
-
[asterisk-security] AST-2022-005: pjproject: undefined behavior after freeing a dialog set
Asterisk Security Team
-
[asterisk-security] AST-2022-004: pjproject: integer underflow on STUN message
Asterisk Security Team
-
[asterisk-security] AST-2021-009: pjproject/pjsip: crash when SSL socket destroyed during handshake
Asterisk Security Team
-
[asterisk-security] AST-2021-007: Remote Crash Vulnerability in PJSIP channel driver
Asterisk Security Team
-
[asterisk-security] AST-2021-008: Remote crash when using IAX2 channel driver
Asterisk Security Team
-
[asterisk-security] AST-2021-006: Crash when negotiating T.38 with a zero port
Asterisk Security Team
-
[asterisk-security] AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver
Asterisk Security Team
-
[asterisk-security] AST-2021-004: An unsuspecting user could crash Asterisk with multiple hold/unhold requests
Asterisk Security Team
-
[asterisk-security] AST-2021-003: Remote attacker could prematurely tear down SRTP calls
Asterisk Security Team
-
[asterisk-security] AST-2021-002: Remote crash possible when negotiating T.38
Asterisk Security Team
-
[asterisk-security] AST-2021-001: Remote crash in res_pjsip_diversion
Asterisk Security Team
-
[asterisk-security] AST-2020-004: Remote crash in res_pjsip_diversion
Asterisk Security Team
-
[asterisk-security] AST-2020-003: Remote crash in res_pjsip_diversion
Asterisk Security Team
-
[asterisk-security] AST-2020-002: Outbound INVITE loop on challenge with different nonce.
Asterisk Security Team
-
[asterisk-security] AST-2020-001: Remote crash in res_pjsip_session
Asterisk Security Team
-
[asterisk-security] AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
Asterisk Security Team
-
[asterisk-security] AST-2019-007: AMI user could execute system commands.
Asterisk Security Team
-
[asterisk-security] AST-2019-006: SIP request can change address of a SIP peer.
Asterisk Security Team
-
[asterisk-security] AST-2019-005: Remote Crash Vulnerability in audio transcoding
Asterisk Security Team
-
[asterisk-security] AST-2019-004: Crash when negotiating for T.38 with a declined stream
Asterisk Security Team
-
[asterisk-security] AST-2019-003: Remote Crash Vulnerability in chan_sip channel driver
Asterisk Security Team
-
[asterisk-security] AST-2019-002: Remote crash vulnerability with MESSAGE messages
Asterisk Security Team
-
[asterisk-security] [SIP] live monitoring and blocking SIP Scans attacks with AMI
Fernando Romo
-
[asterisk-security] AST-2019-001: Remote crash vulnerability with SDP protocol violation
Asterisk Security Team
-
[asterisk-security] AST-2018-010: Remote crash vulnerability DNS SRV and NAPTR lookups
Asterisk Security Team
-
[asterisk-security] AST-2018-010:
Asterisk Security Team
-
[asterisk-security] AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade
Asterisk Security Team
-
[asterisk-security] AST-2018-008: PJSIP endpoint presence disclosure when using ACL
Asterisk Security Team
-
[asterisk-security] AST-2018-007: Infinite loop when reading iostreams
Asterisk Security Team
-
[asterisk-security] AST-2018-006: WebSocket frames with 0 sized payload causes DoS
Asterisk Security Team
-
[asterisk-security] AST-2018-005: Crash when large numbers of TCP connections are closed suddenly
Asterisk Security Team
-
[asterisk-security] AST-2018-003: Crash with an invalid SDP fmtp attribute
Asterisk Security Team
-
[asterisk-security] AST-2018-004: Crash when receiving SUBSCRIBE request
Asterisk Security Team
-
[asterisk-security] AST-2018-001: Crash when receiving unnegotiated dynamic payload
Asterisk Security Team
-
[asterisk-security] AST-2018-002: Crash when given an invalid SDP media format description
Asterisk Security Team
-
[asterisk-security] AST-2017-014: Crash in PJSIP resource when missing a contact header
Asterisk Security Team
-
[asterisk-security] [CSD-42071 - [suporte.propus.com.br #101335] AST-2017-012: Remote Crash Vulnerability in RTCP Stack] A new issue has been created!(TicketId: #117142071)
INVADE Support
-
[asterisk-security] [CSD-42070 - [suporte.propus.com.br #101335] AST-2017-012: Remote Crash Vulnerability in RTCP Stack] A new issue has been created!(TicketId: #117142070)
INVADE Support
-
[asterisk-security] [CSD-42069 - [suporte.propus.com.br #101335] AST-2017-012: Remote Crash Vulnerability in RTCP Stack] A new issue has been created!(TicketId: #117142069)
INVADE Support
-
[asterisk-security] [CSD-42064 - [suporte.propus.com.br #101335] AST-2017-012: Remote Crash Vulnerability in RTCP Stack] A new issue has been created!(TicketId: #117142064)
INVADE Support
-
[asterisk-security] AST-2017-012: Remote Crash Vulnerability in RTCP Stack
Asterisk Security Team
-
[asterisk-security] AST-2017-013: DOS Vulnerability in Asterisk chan_skinny
Asterisk Security Team
-
[asterisk-security] :
Asterisk Security Team
-
[asterisk-security] AST-2017-011: Memory leak in pjsip session resource
Asterisk Security Team
-
[asterisk-security] AST-2017-010: Buffer overflow in CDR's set user
Asterisk Security Team
-
[asterisk-security] AST-2017-009: Buffer overflow in pjproject header parsing can cause crash in Asterisk
Asterisk Security Team
-
[asterisk-security] AST-2017-008: RTP/RTCP information leak
Asterisk Security Team
-
[asterisk-security] AST-2017-007: Remote Crash Vulerability in res_pjsip
Asterisk Security Team
-
[asterisk-security] AST-2017-005: Media takeover in RTP stack
Asterisk Security Team
-
[asterisk-security] AST-2017-006: Shell access command injection in app_minivm
Asterisk Security Team
-
[asterisk-security] AST-2017-004: Memory exhaustion on short SCCP packets
Asterisk Security Team
-
[asterisk-security] AST-2017-003: Crash in PJSIP multi-part body parser
Asterisk Security Team
-
[asterisk-security] AST-2017-002: Buffer Overrun in PJSIP transaction layer
Asterisk Security Team
-
[asterisk-security] AST-2017-001: Buffer overflow in CDR's set user
Asterisk Security Team
-
[asterisk-security] AST-2016-009: <br>
Asterisk Security Team
-
[asterisk-security] AST-2016-008: Crash on SDP offer or answer from endpoint using Opus
Asterisk Security Team
-
[asterisk-security] AST-2016-007: UPDATE
Asterisk Security Team
-
[asterisk-security] AST-2016-007: RTP Resource Exhaustion
Asterisk Security Team
-
[asterisk-security] AST-2016-006: Crash on ACK from unknown endpoint
Asterisk Security Team
-
[asterisk-security] AST-2016-005: TCP denial of service in PJProject
Asterisk Security Team
-
[asterisk-security] AST-2016-004: Long Contact URIs in REGISTER requests can crash Asterisk
Asterisk Security Team
-
[asterisk-security] AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data.
Asterisk Security Team
-
[asterisk-security] AST-2016-002: File descriptor exhaustion in chan_sip
Asterisk Security Team
-
[asterisk-security] AST-2016-001: BEAST vulnerability in HTTP server
Asterisk Security Team
-
[asterisk-security] Asterisk 11.6-cert12, 11.21.1, 13.1-cert3, 13.7.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] CFP for 8th SafeConfig (Workshop on Automated Decision Making for Active Cyber Defense), 2015
Rahman, Mohammad
-
[asterisk-security] AST-2015-003: TLS Certificate Common name NULL byte exploit
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.28-cert5, 1.8.32.3, 11.6-cert11, 11.17.1, 12.8.2, 13.1-cert2, 13.3.2 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability
Asterisk Security Team
-
[asterisk-security] AST-2015-001: File descriptor leak when incompatible codecs are offered
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.28-cert4, 1.8.32.2, 11.6-cert10, 11.15.1, 12.8.1, 13.1.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2014-019: Remote Crash Vulnerability in WebSocket Server
Asterisk Security Team
-
[asterisk-security] Asterisk 11.6-cert9, 11.14.2, 12.7.2, 13.0.2 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2014-018: AMI permission escalation through DB dialplan function
Asterisk Security Team
-
[asterisk-security] AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font>
Asterisk Security Team
-
[asterisk-security] AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver
Asterisk Security Team
-
[asterisk-security] AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver
Asterisk Security Team
-
[asterisk-security] AST-2014-014: High call load may result in hung channels in ConfBridge.
Asterisk Security Team
-
[asterisk-security] AST-2014-013: PJSIP ACLs are not loaded on startup
Asterisk Security Team
-
[asterisk-security] AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic.
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.28-cert3, 1.8.32.1, 11.6-cert8, 11.14.1, 12.7.1, 13.0.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.28-cert2, 1.8.31.1, 11.6-cert7, 11.13.1, 12.6.1, 13.0.0-beta3 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations
Asterisk Security Team
-
[asterisk-security] AST-2014-009: Remote crash based on malformed SIP subscription requests
Asterisk Security Team
-
[asterisk-security] Asterisk 11.6-cert6, 11.12.1, 12.5.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] Asterisk 1.8.15-cert7, 1.8.28.2, 11.6-cert4, 11.10.2, 12.3.2 Now Available (Security/Regression Release)
Asterisk Development Team
-
[asterisk-security] AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
Asterisk Security Team
-
[asterisk-security] AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections
Asterisk Security Team
-
[asterisk-security] AST-2014-006: Asterisk Manager User Unauthorized Shell Access
Asterisk Security Team
-
[asterisk-security] AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.15-cert6, 1.8.28.1, 11.6-cert3, 11.10.1, 12.3.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2014-004: Remote Crash Vulnerability in PJSIP Channel Driver Subscription Handling
Asterisk Security Team
-
[asterisk-security] AST-2014-003: Remote Crash Vulnerability in PJSIP channel driver
Asterisk Security Team
-
[asterisk-security] AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers
Asterisk Security Team
-
[asterisk-security] AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.15-cert5, 1.8.26.1, 11.6-cert2, 11.8.1, 12.1.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2013-007: Asterisk Manager User Dialplan Permission Escalation
Asterisk Security Team
-
[asterisk-security] AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.15-cert4, 1.8.24.1, 10.12.4, 10.12.4-digiumphones, 11.2-cert3, 11.6.1 Now Available (Security Release)
Asterisk Development Team
-
Re: [asterisk-security] Sometimes, Reality is far more scary? (Hugh McLenaghan)
Eric Klein
-
Re: [asterisk-security] Sometimes, Reality is far more scary?
Hugh McLenaghan
-
[asterisk-security] Astricon Security Master Class: Sometimes, Reality is far more scary…
Eric Klein
-
Re: [asterisk-security] Implementation of Asterisk in Amazon cloud (EC2)
Bo Olabode
-
[asterisk-security] Implementation of Asterisk in Amazon cloud (EC2)
zemmali saddam
-
[asterisk-security] AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request
Asterisk Security Team
-
[asterisk-security] AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.15-cert3, 11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-digiumphones, 11.5.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] hello
zemmali saddam
-
[asterisk-security] Biggest Fake Conference in Computer Science
georgepeter
-
[asterisk-security] AST-2013-003: Username disclosure in SIP channel driver
Asterisk Security Team
-
[asterisk-security] AST-2013-002: Denial of Service in HTTP server
Asterisk Security Team
-
[asterisk-security] AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones, 11.2.2 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] Asterisk 11.1.2 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] Asterisk 1.8.11-cert10, 1.8.19.1, 10.11.1, 10.11.1-digiumphones, 11.1.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2012-015: Denial of Service Through Exploitation of Device State Caching
Asterisk Security Team
-
[asterisk-security] AST-2012-014: Crashes due to large stack allocations when using TCP
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.11-cert7, 1.8.15.1, 10.7.1, 10.7.1-digiumphones Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users
Asterisk Security Team
-
[asterisk-security] AST-2012-012: Asterisk Manager User Unauthorized Shell Access
Asterisk Security Team
-
[asterisk-security] IEEE SafeConfig Symposium (Abstract registration in 3 days)
Xie, Geoffrey (Geoff) (CIV)
-
[asterisk-security] Call for Papers: IEEE SafeConfig Symposium (deadline approaching)
Xie, Geoffrey (Geoff) (CIV)
-
[asterisk-security] AST-2012-011: Remote crash vulnerability in voice mail application
Asterisk Security Team
-
[asterisk-security] AST-2012-010: Possible resource leak on uncompleted re-invite transactions
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.11-cert4, 1.8.13.1, 10.5.2, 10.5.2-digiumphones Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] Call for Papers: IEEE SafeConfig Symposium (deadline: August 20)
Xie, Geoffrey (Geoff) (CIV)
-
[asterisk-security] AST-2012-009: Skinny Channel Driver Remote Crash Vulnerability
Asterisk Security Team
-
[asterisk-security] Asterisk 10.5.1 Now Available (Security Release)
Asterisk Development Team
-
Re: [asterisk-security] AST-2012-007: Remote crash vulnerability in IAX2 channel driver.
Martin Hairer
-
[asterisk-security] AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability
Asterisk Security Team
-
[asterisk-security] AST-2012-007: Remote crash vulnerability in IAX2 channel driver.
Asterisk Security Team
-
[asterisk-security] Certified Asterisk 1.8.11-cert2; Asterisk 1.8.12.1, 10.4.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver
Asterisk Security Team
-
[asterisk-security] AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver
Asterisk Security Team
-
[asterisk-security] AST-2012-004: Asterisk Manager User Unauthorized Shell Access
Asterisk Security Team
-
[asterisk-security] Asterisk 1.6.2.24, 1.8.11.1, 10.3.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] Asterisk 1.4.44, 1.6.2.23, 1.8.10.1, 10.2.1 Now Available (Security Releases)
Asterisk Development Team
-
[asterisk-security] AST-2012-003: Stack Buffer Overflow in HTTP Manager
Asterisk Security Team
-
[asterisk-security] AST-2012-002: Remote Crash Vulnerability in Milliwatt Application
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.8.2 and 10.0.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2012-001: SRTP Video Remote Crash Vulnerability
Asterisk Security Team
-
AST-2011-014: Remote crash possibility with SIP and the “automon” feature enabled
Asterisk Security Team
-
[asterisk-security] AST-2011-013: Possible remote enumeration of SIP endpoints with differing NAT settings
Asterisk Security Team
-
[asterisk-security] Asterisk 1.8.7.1 Now Available (Security Release)
Asterisk Development Team
-
[asterisk-security] AST-2011-012: Remote crash vulnerability in SIP channel driver
Asterisk Security Team
-
[asterisk-security] Honeypot Project
Jack Honey Pot
-
[asterisk-security] AST-2011-011: Possible enumeration of SIP users due to differing authentication responses
Asterisk Security Team
-
[asterisk-security] unsubscribe
Ross Cameron
-
[asterisk-security] AST-2011-006: Asterisk Manager User Shell Access
Asterisk Security Team
-
[asterisk-security] AST-2011-005: File Descriptor Resource Exhaustion
Asterisk Security Team
-
[asterisk-security] AST-2011-004:
Asterisk Security Team
-
[asterisk-security] AST-2011-003:
Asterisk Security Team
-
[asterisk-security] Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4 Now Available
Asterisk Development Team
-
[asterisk-security] AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code
Asterisk Security Team
-
[asterisk-security] AST-2011-001: Stack buffer overflow in SIP channel driver
Asterisk Security Team
-
[asterisk-security] Many asterisk [1.4] seg fault in last 48h
Borys Łącki
-
[asterisk-security] Nice.Pharma : Discount Pack pill !
asteriskteam