similar to: AST-2018-010: Remote crash vulnerability DNS SRV and NAPTR lookups

Asterisk Project Security Advisory - AST-2018-010 Product Asterisk Remote crash vulnerability DNS SRV and NAPTR lookups Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

The Asterisk Development Team would like to announce security releases for Asterisk 15 and 16. The available releases are released as versions 15.6.2 and 16.0.1. These releases are available for immediate download at https://downloads.asterisk.org/pub/telephony/asterisk/releases The following security vulnerabilities were resolved in these versions: There is a buffer overflow vulnerability

Asterisk Project Security Advisory - AST-2017-013 Product Asterisk Summary DOS Vulnerability in Asterisk chan_skinny Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity

Asterisk Project Security Advisory - AST-2019-001 Product Asterisk Summary Remote crash vulnerability with SDP protocol violation Nature of Advisory Denial Of Service Susceptibility Remote

Asterisk Project Security Advisory - AST-2019-002 Product Asterisk Summary Remote crash vulnerability with MESSAGE messages Nature of Advisory Denial Of Service Susceptibility Remote Authenticated Sessions Severity Low

Since e164.org added DNC and ADDRESS records my enum configuration has failed. Using both the old EnumLookup app and the new ENUMLOOKUP function, the lookups have consistantly failed since e164.org added E2U+ADDRESS and E2U+DNC records. Mar 6 17:39:44 WARNING[14222]: enum.c:235 parse_naptr: NAPTR Regex match failed. Mar 6 17:39:44 WARNING[14222]: enum.c:354 enum_callback: Failed to parse naptr

Asterisk Project Security Advisory - AST-2018-009 Product Asterisk Summary Remote crash vulnerability in HTTP websocket upgrade Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

This has been giving me a headache for a little while, so I thought I would throw the question out to the list. Imagine there is a database lookup function that takes place that, given a number, returns call routing information. It might be a postgresql lookup, it might be an enum lookup. If I have something like: exten => _.,1,LookUp(${EXTEN}) exten => _.,2,Dial(${RESULT}) Then the

Asterisk Project Security Advisory - AST-2017-010 Product Asterisk Summary Buffer overflow in CDR's set user Nature of Advisory Buffer Overflow Susceptibility Remote Authenticated Sessions Severity

Asterisk Project Security Advisory - AST-2017-007 Product Asterisk Summary Remote Crash Vulerability in res_pjsip Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate

Asterisk Project Security Advisory - AST-2017-004 Product Asterisk Summary Memory exhaustion on short SCCP packets Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity

Asterisk Project Security Advisory - AST-2018-005 Product Asterisk Summary Crash when large numbers of TCP connections are closed suddenly Nature of Advisory Remote Crash Susceptibility Remote

Asterisk Project Security Advisory - AST-2019-007 Product Asterisk Summary AMI user could execute system commands. Nature of Advisory Remote Code Execution Susceptibility Remote Authenticated Sessions Severity Minor

Asterisk Project Security Advisory - AST-2017-009 Product Asterisk Summary Buffer overflow in pjproject header parsing can cause crash in Asterisk Nature of Advisory Denial of Service Susceptibility Remote

Asterisk Project Security Advisory - AST-2014-010 Product Asterisk Summary Remote crash when handling out of call message in certain dialplan configurations Nature of Advisory Remotely triggered crash of Asterisk Susceptibility Remote

Asterisk Project Security Advisory - AST-2014-010 Product Asterisk Summary Remote crash when handling out of call message in certain dialplan configurations Nature of Advisory Remotely triggered crash of Asterisk Susceptibility Remote

Asterisk Project Security Advisory - AST-2008-010 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Asterisk IAX 'POKE' resource exhaustion |

The Asterisk Development Team would like to announce the release of Asterisk 15.7.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 15.7.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following issues are resolved in this release:

Hello everyone, I playing around with ENUM and have configured * to query a few sources for testing purposes (fierymoon, e164.arpa, e164.org). I'd like to know if there is a way to query these servers manually (ie outside of asterisk via nslookup or equivalent) to find out if particular exchanges are listed with wildcards, so as to terminate calls to those prefixes (I'm not trying to

Hi all, I have a problem with 1.6.1.7-rc1 and ENUM (with an own PowerDNS server and NAPTR record). Maybe somebody has more experience with this or can give me some input. The dialplan: exten => 292,1,Set(DIAL_NUMBER=43660123456) exten => 292,2,Set(sip= ${ENUMLOOKUP(+${DIAL_NUMBER},sip,,1,ns3.e164.xxx.com)}) ;x'ed out the domain name starting from here exten => 292,3,NoOp(${sip})