Displaying 20 results from an estimated 5000 matches similar to: "AST-2019-006: SIP request can change address of a SIP peer."
2019 Nov 21
0
Asterisk 13.29.2, 16.6.2, 17.0.1 and 13.21-cert5 Now Available (Security)
The Asterisk Development Team would like to announce security releases for
Asterisk 13, 16 and 17, and Certified Asterisk 13.21. The available releases are
released as versions 13.29.2, 16.6.2, 17.0.1 and 13.21-cert5.
These releases are available for immediate download at
https://downloads.asterisk.org/pub/telephony/asterisk/releases
2019 Nov 21
0
AST-2019-008: Re-invite with T.38 and malformed SDP causes crash.
Asterisk Project Security Advisory -
Product Asterisk
Summary Re-invite with T.38 and malformed SDP causes crash.
Nature of Advisory Remote Crash
Susceptibility Remote Authenticated Sessions
Severity Minor
2019 Nov 21
0
AST-2019-007: AMI user could execute system commands.
Asterisk Project Security Advisory - AST-2019-007
Product Asterisk
Summary AMI user could execute system commands.
Nature of Advisory Remote Code Execution
Susceptibility Remote Authenticated Sessions
Severity Minor
2020 Nov 05
0
AST-2020-002: Outbound INVITE loop on challenge with different nonce.
Asterisk Project Security Advisory – AST-2020-002
Product Asterisk
Summary Outbound INVITE loop on challenge with different
nonce.
Nature of Advisory Denial of Service
Susceptibility Remote
2018 Feb 21
0
AST-2018-006: WebSocket frames with 0 sized payload causes DoS
Asterisk Project Security Advisory - AST-2018-006
Product Asterisk
Summary WebSocket frames with 0 sized payload causes DoS
Nature of Advisory Denial of Service
Susceptibility Remote Unauthenticated Sessions
Severity Moderate
2017 Aug 31
0
AST-2017-006: Shell access command injection in app_minivm
Asterisk Project Security Advisory - AST-2017-006
Product Asterisk
Summary Shell access command injection in app_minivm
Nature of Advisory Unauthorized command execution
Susceptibility Remote Authenticated Sessions
Severity Moderate
2020 Nov 05
0
AST-2020-001: Remote crash in res_pjsip_session
Asterisk Project Security Advisory - AST-2020-001
Product Asterisk
Summary Remote crash in res_pjsip_session
Nature of Advisory Denial of service
Susceptibility Remote authenticated sessions
Severity
2020 May 11
1
Asterisk versions?
Thanks for that info, Ben. I do like to test out the latest and most
up-to-date versions of things when I can, so I'll check those files
and see how it goes.
On 2020-05-11 17:20,
Ben Ford <bford at digium.com> put forth the proposition:
> Hey Dave,
>
> In the case of 13 and 16, these are LTS versions which means that they get
> long term service. 17 is a standard release.
2016 Apr 14
0
AST-2016-004: Long Contact URIs in REGISTER requests can crash Asterisk
Asterisk Project Security Advisory - AST-2016-004
Product Asterisk
Summary Long Contact URIs in REGISTER requests can crash
Asterisk
Nature of Advisory Remote Crash
Susceptibility Remote
2014 Mar 10
0
AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.
Asterisk Project Security Advisory - AST-2014-001
Product Asterisk
Summary Stack Overflow in HTTP Processing of Cookie Headers.
Nature of Advisory Denial Of Service
Susceptibility Remote Unauthenticated Sessions
Severity Moderate
2014 Mar 10
0
AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.
Asterisk Project Security Advisory - AST-2014-001
Product Asterisk
Summary Stack Overflow in HTTP Processing of Cookie Headers.
Nature of Advisory Denial Of Service
Susceptibility Remote Unauthenticated Sessions
Severity Moderate
2019 Jul 11
0
AST-2019-002: Remote crash vulnerability with MESSAGE messages
Asterisk Project Security Advisory - AST-2019-002
Product Asterisk
Summary Remote crash vulnerability with MESSAGE messages
Nature of Advisory Denial Of Service
Susceptibility Remote Authenticated Sessions
Severity Low
2019 Jul 11
0
AST-2019-003: Remote Crash Vulnerability in chan_sip channel driver
Asterisk Project Security Advisory - AST-2019-003
Product Asterisk
Summary Remote Crash Vulnerability in chan_sip channel
driver
Nature of Advisory Denial of Service
Susceptibility Remote
2015 Apr 08
0
AST-2015-003: TLS Certificate Common name NULL byte exploit
Asterisk Project Security Advisory - AST-2015-003
Product Asterisk
Summary TLS Certificate Common name NULL byte exploit
Nature of Advisory Man in the Middle Attack
Susceptibility Remote Authenticated Sessions
Severity Major
2015 Apr 08
0
AST-2015-003: TLS Certificate Common name NULL byte exploit
Asterisk Project Security Advisory - AST-2015-003
Product Asterisk
Summary TLS Certificate Common name NULL byte exploit
Nature of Advisory Man in the Middle Attack
Susceptibility Remote Authenticated Sessions
Severity Major
2016 Apr 14
0
AST-2016-005: TCP denial of service in PJProject
Asterisk Project Security Advisory - AST-2016-005
Product Asterisk
Summary TCP denial of service in PJProject
Nature of Advisory Crash/Denial of Service
Susceptibility Remote Unauthenticated Sessions
Severity Critical
2014 Mar 10
0
AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers
Asterisk Project Security Advisory - AST-2014-002
Product Asterisk
Summary Denial of Service Through File Descriptor Exhaustion
with chan_sip Session-Timers
Nature of Advisory Denial of Service
Susceptibility Remote
2014 Mar 10
0
AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers
Asterisk Project Security Advisory - AST-2014-002
Product Asterisk
Summary Denial of Service Through File Descriptor Exhaustion
with chan_sip Session-Timers
Nature of Advisory Denial of Service
Susceptibility Remote
2011 Apr 21
0
AST-2011-006: Asterisk Manager User Shell Access
Asterisk Project Security Advisory - AST-2011-006
Product Asterisk
Summary Asterisk Manager User Shell Access
Nature of Advisory Permission Escalation
Susceptibility Remote Authenticated Sessions
Severity Minor
2013 Dec 16
0
AST-2013-006: Buffer Overflow when receiving odd length 16 bit SMS message
Asterisk Project Security Advisory - AST-2013-006
Product Asterisk
Summary Buffer Overflow when receiving odd length 16 bit SMS
message
Nature of Advisory Buffer Overflow and Remote Crash
Susceptibility Remote