AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users

Asterisk Project Security Advisory - AST-2012-013 Product Asterisk Summary ACL rules ignored when placing outbound calls by certain IAX2 users Nature of Advisory Unauthorized use of system Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known None Reported On 07/27/2012...

CVE-2012-3863

channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a...

Asterisk 1.8.x SIP User Enumeration

Asterisk, sip response permit username identification through use INVITE Author: francesco.tornieri "At" verona-wireless.net Summary: Sip responses permit user identification Release Date: 01/05/2011 Criticality level: Low Impact: Information leak Software: Asterisk 1.8.x tested 1.8.3.2...