AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users

Asterisk Project Security Advisory - AST-2012-013 Product Asterisk Summary ACL rules ignored when placing outbound calls by certain IAX2 users Nature of Advisory Unauthorized use of system Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known None Reported On 07/27/2012...

CVE-2012-3863

channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a...

Fedora 16 : asterisk-1.8.12.2-1.fc16 (2012-8692)

The Asterisk Development Team has announced the release of Asterisk 1.8.12.2. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 1.8.12.2 resolves an issue reported by the community and would have not been possible...

AST-2011-011: Possible enumeration of SIP users due to differing authentication responses

Asterisk Project Security Advisory - AST-2011-011 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Possible enumeration of SIP users due to | | | differing...

Asterisk 1.8.x SIP User Enumeration

Asterisk, sip response permit username identification through use INVITE Author: francesco.tornieri "At" verona-wireless.net Summary: Sip responses permit user identification Release Date: 01/05/2011 Criticality level: Low Impact: Information leak Software: Asterisk 1.8.x tested 1.8.3.2...