Displaying 20 results from an estimated 40000 matches similar to: "Asterisk 1.4.3 Released"
2007 Apr 24
0
Asterisk Project Security Adivsory Process
Recent events, including vulnerabilities that were reported and the
subsequent discussions about how they were handled, have made those of
us that manage Asterisk development decide that it is time for the
Asterisk project to have a formal security vulnerability and advisory
reporting process.
Over the next few weeks we will begin to formalize and document this
process on the asterisk.org
2007 Apr 24
0
Asterisk Project Security Adivsory Process
Recent events, including vulnerabilities that were reported and the
subsequent discussions about how they were handled, have made those of
us that manage Asterisk development decide that it is time for the
Asterisk project to have a formal security vulnerability and advisory
reporting process.
Over the next few weeks we will begin to formalize and document this
process on the asterisk.org
2007 Apr 24
0
ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code
> Asterisk Project Security Advisory - ASA-2007-010
>
> +------------------------------------------------------------------------+
> | Product | Asterisk |
> |--------------------+---------------------------------------------------|
> | Summary | Two stack buffer overflows in SIP
2007 Apr 24
0
ASA-2007-010: Two stack buffer overflows in SIP channel's T.38 SDP parsing code
> Asterisk Project Security Advisory - ASA-2007-010
>
> +------------------------------------------------------------------------+
> | Product | Asterisk |
> |--------------------+---------------------------------------------------|
> | Summary | Two stack buffer overflows in SIP
2007 Apr 24
0
ASA-2007-012: Remote Crash Vulnerability in Manager Interface
> Asterisk Project Security Advisory - ASA-2007-012
>
> +------------------------------------------------------------------------+
> | Product | Asterisk |
> |---------------------+--------------------------------------------------|
> | Summary | Remote Crash Vulnerability in Manager
2007 Apr 24
0
ASA-2007-012: Remote Crash Vulnerability in Manager Interface
> Asterisk Project Security Advisory - ASA-2007-012
>
> +------------------------------------------------------------------------+
> | Product | Asterisk |
> |---------------------+--------------------------------------------------|
> | Summary | Remote Crash Vulnerability in Manager
2007 Apr 25
0
Asterisk 1.2.18 Released
The Asterisk.org development team has released Asterisk version 1.2.18.
This release contains a large number of fixes, including:
- A recently published security vulnerability in the manager interface
(ASA-2007-012)
- Another recently published security vulnerability in the SIP channel
driver
(ASA-2007-011)
A full list of changes is available in the ChangeLog.
Thank you for your
2007 Apr 25
0
Asterisk 1.2.18 Released
The Asterisk.org development team has released Asterisk version 1.2.18.
This release contains a large number of fixes, including:
- A recently published security vulnerability in the manager interface
(ASA-2007-012)
- Another recently published security vulnerability in the SIP channel
driver
(ASA-2007-011)
A full list of changes is available in the ChangeLog.
Thank you for your
2007 Jul 17
0
Critical Updates: Asterisk 1.2.22 and 1.4.8 released
The Asterisk development team has released Asterisk versions 1.2.22 and
1.4.8.
These releases contain fixes for four critical security vulnerabilities.
One of these vulnerabilities is a remotely exploitable stack buffer
overflow, which could allow an attacker to execute arbitrary code on the
target machine. The other three are all remotely exploitable crash
vulnerabilities.
We have released
2007 Jul 17
0
Critical Updates: Asterisk 1.2.22 and 1.4.8 released
The Asterisk development team has released Asterisk versions 1.2.22 and
1.4.8.
These releases contain fixes for four critical security vulnerabilities.
One of these vulnerabilities is a remotely exploitable stack buffer
overflow, which could allow an attacker to execute arbitrary code on the
target machine. The other three are all remotely exploitable crash
vulnerabilities.
We have released
2007 Apr 24
0
ASA-2007-011: Multiple problems in SIP channel parser handling response codes
> Asterisk Project Security Advisory - ASA-2007-011
>
> +------------------------------------------------------------------------+
> | Product | Asterisk |
> |--------------------+---------------------------------------------------|
> | Summary | Multiple problems in SIP channel parser
2007 Apr 24
0
ASA-2007-011: Multiple problems in SIP channel parser handling response codes
> Asterisk Project Security Advisory - ASA-2007-011
>
> +------------------------------------------------------------------------+
> | Product | Asterisk |
> |--------------------+---------------------------------------------------|
> | Summary | Multiple problems in SIP channel parser
2007 Jul 17
0
ASA-2007-017: Remote crash vulnerability in STUN implementation
Asterisk Project Security Advisory - ASA-2007-017
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in STUN implementation |
2007 Jul 17
0
ASA-2007-017: Remote crash vulnerability in STUN implementation
Asterisk Project Security Advisory - ASA-2007-017
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in STUN implementation |
2007 Jul 17
0
ASA-2007-016: Remote crash vulnerability in Skinny channel driver
Asterisk Project Security Advisory - ASA-2007-016
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote crash vulnerability in Skinny channel |
| | driver
2007 Jul 17
0
ASA-2007-016: Remote crash vulnerability in Skinny channel driver
Asterisk Project Security Advisory - ASA-2007-016
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote crash vulnerability in Skinny channel |
| | driver
2007 Jul 17
0
ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver
Asterisk Project Security Advisory - ASA-2007-015
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in IAX2 channel driver |
2007 Jul 17
0
ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver
Asterisk Project Security Advisory - ASA-2007-015
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in IAX2 channel driver |
2007 Nov 29
0
Asterisk 1.4.15 and 1.2.25 Released
The Asterisk.org development team has released Asterisk versions 1.4.15 and
1.2.25. These releases contain two fixes for security issues.
http://downloads.digium.com/pub/asa/AST-2007-025.pdf
* This is a SQL injection vulnerability in the res_config_pgsql module.
Default installations of Asterisk are not affected. However, any system using
the Postgres Realtime Engine may be remotely
2007 Nov 29
0
Asterisk 1.4.15 and 1.2.25 Released
The Asterisk.org development team has released Asterisk versions 1.4.15 and
1.2.25. These releases contain two fixes for security issues.
http://downloads.digium.com/pub/asa/AST-2007-025.pdf
* This is a SQL injection vulnerability in the res_config_pgsql module.
Default installations of Asterisk are not affected. However, any system using
the Postgres Realtime Engine may be remotely