search for: 420283

...blem is that many people who use CBC-MAC (rather than HMAC or a proper AEAD mode) seem incapable of actually doing this. http://blog.cryptographyengineering.com/2012/05/how-to-choose-authenticated-encryption.html Vulnerability Name: SSH CBC Mode Ciphers Enabled https://access.redhat.com/solutions/420283 http://forums.eeye.com/index.php?/topic/2858-11867-ssh-cbc-mode-plaintext-recovery-remote-false-positive/ The reality is that all of the CBC mode ciphers are vulnerable and this includes the old standby [3DES-CBC] and even, likely, [BLOWFISH-CBC]. We can look at the references provided by the Ret...

Thanks to ww and his patch on bug #104, I have successfully implemented Asterisk behind NAT without using STUN or anything crazy. It's quite straight forward. Until this gets tested enough and put into CVS, you will have to patch your chan_sip.c file to do this. I'm sure within the next few days this will get put merged into CVS if no one finds any problems. I tried this on chan_sip.c