search for: ateya

...ed Sessions Severity Major Exploits Known No Reported On 6 January, 2015 Reported By Y Ateya Posted On 9 January, 2015 Last Updated On January 28, 2015 Advisory Contact Mark Michelson <mmichelson AT digium DOT com>...

...ed Sessions Severity Major Exploits Known No Reported On 6 January, 2015 Reported By Y Ateya Posted On 9 January, 2015 Last Updated On January 28, 2015 Advisory Contact Mark Michelson <mmichelson AT digium DOT com>...

...Product: iptables Version: 1.4.x Hardware: x86_64 OS: Ubuntu Status: NEW Severity: enhancement Priority: P5 Component: iptables-save Assignee: netfilter-buglog at lists.netfilter.org Reporter: y.ateya at starkbits.com If this rule is added: iptables -A OUTPUT -p udp --source-port 4566 -j NFQUEUE --queue-num 0 --queue-bypass iptables -L result is (OUTPUT chain only): Chain OUTPUT (policy ACCEPT) target prot opt source destination NFQUEUE udp -- 0.0.0.0/0...

...configuration, resulting in path translation WARNINGs (Reported by Matt Jordan) * ASTERISK-22352 - [patch] IAX2 custom qualify timer is not taken into account (Reported by Frederic Van Espen) * ASTERISK-24894 - [patch] iax2_poke_noanswer expiration timer too short (Reported by Y Ateya) * ASTERISK-23319 - Segmentation fault in queue_exec at app_queue.c (Reported by Vadim) * ASTERISK-24847 - [security] [patch] tcptls: certificate CN NULL byte prefix bug (Reported by Matt Jordan) * ASTERISK-21211 - chan_iax2 - unprotected access of iaxs[peer->callno] potenti...

...configuration, resulting in path translation WARNINGs (Reported by Matt Jordan) * ASTERISK-22352 - [patch] IAX2 custom qualify timer is not taken into account (Reported by Frederic Van Espen) * ASTERISK-24894 - [patch] iax2_poke_noanswer expiration timer too short (Reported by Y Ateya) * ASTERISK-23319 - Segmentation fault in queue_exec at app_queue.c (Reported by Vadim) * ASTERISK-24847 - [security] [patch] tcptls: certificate CN NULL byte prefix bug (Reported by Matt Jordan) * ASTERISK-21211 - chan_iax2 - unprotected access of iaxs[peer->callno] potenti...

...gistrations after reload. (Reported by Richard Mudgett) * ASTERISK-24676 - Security Vulnerability: URL request injection in libCURL (CVE-2014-8150) (Reported by Matt Jordan) * ASTERISK-24666 - Security Vulnerability: RTP not closed after sip call using unsupported codec (Reported by Y Ateya) * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL versions (Reported by Jared Biel) * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by Stephan Eisvogel) * ASTERISK-24736 - Memory Leak Fixes (Reported by Mark Michelson) * ASTERISK-24635 - PJSIP outbound PUBLI...

...gistrations after reload. (Reported by Richard Mudgett) * ASTERISK-24676 - Security Vulnerability: URL request injection in libCURL (CVE-2014-8150) (Reported by Matt Jordan) * ASTERISK-24666 - Security Vulnerability: RTP not closed after sip call using unsupported codec (Reported by Y Ateya) * ASTERISK-24711 - DTLS handshake broken with latest OpenSSL versions (Reported by Jared Biel) * ASTERISK-24646 - PJSIP changeset 4899 breaks TLS (Reported by Stephan Eisvogel) * ASTERISK-24736 - Memory Leak Fixes (Reported by Mark Michelson) * ASTERISK-24635 - PJSIP outbound PUBLI...

...pdates (Reported by Joshua Colp) * ASTERISK-25087 - Asterisk segfault when using Directory application with alias option and specific mailbox configuration (Reported by Chet Stevens) * ASTERISK-24983 - IAX deadlock between hangup and scheduled actions (ex. largrq) (Reported by Y Ateya) * ASTERISK-25096 - [patch]Segfault when registering over websockets with PJSIP (in ast_sockaddr_isnull at /include/asterisk/netsock2.h) (Reported by Josh Kitchens) * ASTERISK-24963 - ASAN: heap-use-after-free with PJSIP and WSS (Reported by Badalian Vyacheslav) * ASTERISK-2255...

...configuration, resulting in path translation WARNINGs (Reported by Matt Jordan) * ASTERISK-22352 - [patch] IAX2 custom qualify timer is not taken into account (Reported by Frederic Van Espen) * ASTERISK-24894 - [patch] iax2_poke_noanswer expiration timer too short (Reported by Y Ateya) * ASTERISK-24935 - res_pjsip_phoneprov_provider: Fix leaked OBJ_MULTIPLE iterator. (Reported by Corey Farrell) * ASTERISK-23319 - Segmentation fault in queue_exec at app_queue.c (Reported by Vadim) * ASTERISK-24933 - T38 fails negotiation (Reported by Jonathan Rose) * ASTERIS...

...configuration, resulting in path translation WARNINGs (Reported by Matt Jordan) * ASTERISK-22352 - [patch] IAX2 custom qualify timer is not taken into account (Reported by Frederic Van Espen) * ASTERISK-24894 - [patch] iax2_poke_noanswer expiration timer too short (Reported by Y Ateya) * ASTERISK-24935 - res_pjsip_phoneprov_provider: Fix leaked OBJ_MULTIPLE iterator. (Reported by Corey Farrell) * ASTERISK-23319 - Segmentation fault in queue_exec at app_queue.c (Reported by Vadim) * ASTERISK-24933 - T38 fails negotiation (Reported by Jonathan Rose) * ASTERIS...

...pdates (Reported by Joshua Colp) * ASTERISK-25087 - Asterisk segfault when using Directory application with alias option and specific mailbox configuration (Reported by Chet Stevens) * ASTERISK-24983 - IAX deadlock between hangup and scheduled actions (ex. largrq) (Reported by Y Ateya) * ASTERISK-25096 - [patch]Segfault when registering over websockets with PJSIP (in ast_sockaddr_isnull at /include/asterisk/netsock2.h) (Reported by Josh Kitchens) * ASTERISK-24963 - ASAN: heap-use-after-free with PJSIP and WSS (Reported by Badalian Vyacheslav) * ASTERISK-2255...

...i: Fix manager action registrations. (Reported by Corey Farrell) * ASTERISK-25112 - Logger: Configuration settings are not reset to default during reload. (Reported by Corey Farrell) * ASTERISK-24983 - IAX deadlock between hangup and scheduled actions (ex. largrq) (Reported by Y Ateya) * ASTERISK-24944 - main/audiohook.c change prevents G722 call recording (Reported by Ronald Raikes) * ASTERISK-25110 - res_resolver_unbound.c compilation failure: SIGURG is undeclared in func unbound_resolver_stop (Reported by John Bigelow) * ASTERISK-24887 - [patch]tags in a=...

.../browse/ASTERISK-25112>] - Logger: Configuration settings are not reset to default during reload. (Reported by Corey Farrell) - [ASTERISK-24983 <https://issues.asterisk.org/jira/browse/ASTERISK-24983>] - IAX deadlock between hangup and scheduled actions (ex. largrq) (Reported by Y Ateya) - [ASTERISK-24944 <https://issues.asterisk.org/jira/browse/ASTERISK-24944>] - main/audiohook.c change prevents G722 call recording (Reported by Ronald Raikes) - [ASTERISK-25110 <https://issues.asterisk.org/jira/browse/ASTERISK-25110>] - res_resolver_unbound.c compilatio...