Displaying 20 results from an estimated 2000 matches similar to: "AST-2009-008: SIP responses expose valid usernames"
2009 Nov 04
0
Asterisk 1.2.36, 1.4.26.3, 1.6.0.17, and 1.6.1.9 Now Available
The Asterisk Development Team has announced security releases for Asterisk as
the following versions:
* 1.2.36
* 1.4.26.3
* 1.6.0.17
* 1.6.1.9
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/
The release of 1.2.36 resolves an issue where sending a REGISTER with a
differing username in the From URI and Authorization header
2009 Nov 04
0
Asterisk 1.2.36, 1.4.26.3, 1.6.0.17, and 1.6.1.9 Now Available
The Asterisk Development Team has announced security releases for Asterisk as
the following versions:
* 1.2.36
* 1.4.26.3
* 1.6.0.17
* 1.6.1.9
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/
The release of 1.2.36 resolves an issue where sending a REGISTER with a
differing username in the From URI and Authorization header
2007 Aug 21
0
AST-2007-020: Resource Exhaustion vulnerability in SIP channel driver
Asterisk Project Security Advisory - AST-2007-020
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Resource Exhaustion vulnerability in SIP channel |
| | driver
2007 Aug 21
0
AST-2007-020: Resource Exhaustion vulnerability in SIP channel driver
Asterisk Project Security Advisory - AST-2007-020
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Resource Exhaustion vulnerability in SIP channel |
| | driver
2007 Aug 24
0
AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage
Asterisk Project Security Advisory - AST-2007-021
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Crash from invalid/corrupted MIME bodies when |
| | using
2007 Aug 24
0
AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage
Asterisk Project Security Advisory - AST-2007-021
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Crash from invalid/corrupted MIME bodies when |
| | using
2007 Jul 17
0
ASA-2007-017: Remote crash vulnerability in STUN implementation
Asterisk Project Security Advisory - ASA-2007-017
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in STUN implementation |
2007 Jul 17
0
ASA-2007-017: Remote crash vulnerability in STUN implementation
Asterisk Project Security Advisory - ASA-2007-017
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in STUN implementation |
2007 Jul 17
0
ASA-2007-016: Remote crash vulnerability in Skinny channel driver
Asterisk Project Security Advisory - ASA-2007-016
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote crash vulnerability in Skinny channel |
| | driver
2007 Jul 17
0
ASA-2007-016: Remote crash vulnerability in Skinny channel driver
Asterisk Project Security Advisory - ASA-2007-016
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote crash vulnerability in Skinny channel |
| | driver
2007 Jul 17
0
ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver
Asterisk Project Security Advisory - ASA-2007-015
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in IAX2 channel driver |
2007 Jul 17
0
ASA-2007-015: Remote Crash Vulnerability in IAX2 channel driver
Asterisk Project Security Advisory - ASA-2007-015
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Remote Crash Vulnerability in IAX2 channel driver |
2007 Jul 17
0
ASA-2007-014: Stack buffer overflow in IAX2 channel driver
Asterisk Project Security Advisory - ASA-2007-014
+------------------------------------------------------------------------+
| Product | Asterisk |
|----------------------+-------------------------------------------------|
| Summary | Stack buffer overflow in IAX2 channel driver |
2007 Jul 17
0
ASA-2007-014: Stack buffer overflow in IAX2 channel driver
Asterisk Project Security Advisory - ASA-2007-014
+------------------------------------------------------------------------+
| Product | Asterisk |
|----------------------+-------------------------------------------------|
| Summary | Stack buffer overflow in IAX2 channel driver |
2009 Sep 04
0
[Fwd: AST-2009-006: IAX2 Call Number Resource Exhaustion]
Hello,
Just in case someone hasn't upgraded yet, and is using IAX2.
-------- Original Message --------
Subject: AST-2009-006: IAX2 Call Number Resource Exhaustion
Date: Thu, 03 Sep 2009 17:47:35 -0500
From: Asterisk Security Team <security at asterisk.org>
To: bugtraq at securityfocus.com
Asterisk Project Security Advisory - AST-2009-006
2008 May 22
0
/home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised
Asterisk Project Security Advisory - AST-2008-007
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Asterisk installations using cryptographic keys |
| | generated
2008 Mar 18
0
AST-2008-003: Unauthenticated calls allowed from SIP channel driver
Asterisk Project Security Advisory - AST-2008-003
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Unauthenticated calls allowed from SIP channel |
| | driver
2008 Mar 18
0
AST-2008-003: Unauthenticated calls allowed from SIP channel driver
Asterisk Project Security Advisory - AST-2008-003
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Unauthenticated calls allowed from SIP channel |
| | driver
2008 Jul 22
0
AST-2008-010: Asterisk IAX 'POKE' resource exhaustion
Asterisk Project Security Advisory - AST-2008-010
+------------------------------------------------------------------------+
| Product | Asterisk |
|----------------------+-------------------------------------------------|
| Summary | Asterisk IAX 'POKE' resource exhaustion |
2008 Jul 22
0
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system
Asterisk Project Security Advisory - AST-2008-011
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Traffic amplification in IAX2 firmware |
| |