30 matches found
AST-2014-019: Remote Crash Vulnerability in WebSocket Server
Asterisk Project Security Advisory - AST-2014-019 Product Asterisk Summary Remote Crash Vulnerability in WebSocket Server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On 30 October 2014 Reported By Badalian...
AST-2014-014: High call load may result in hung channels in ConfBridge.
Asterisk Project Security Advisory - AST-2014-014 Product Asterisk Summary High call load may result in hung channels in ConfBridge. Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On 19 October, 2014 Reported By Ben...
AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework
Asterisk Project Security Advisory - AST-2014-005 Product Asterisk Summary Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On March 17, 2014 Reported...
AST-2014-003: Remote Crash Vulnerability in PJSIP channel driver
Asterisk Project Security Advisory - AST-2014-003 Product Asterisk Summary Remote Crash Vulnerability in PJSIP channel driver Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On January 29, 2014 Reported By Joshua Col...
AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.
Asterisk Project Security Advisory - AST-2014-001 Product Asterisk Summary Stack Overflow in HTTP Processing of Cookie Headers. Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On February 21, 2014 Reported By Lucas...
AST-2013-003: Username disclosure in SIP channel driver
Asterisk Project Security Advisory - AST-2013-003 Product Asterisk Summary Username disclosure in SIP channel driver Nature of Advisory Unauthorized data disclosure Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On January 30, 2013 Reported By Walter...
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header
Asterisk Project Security Advisory - AST-2013-001 Product Asterisk Summary Buffer Overflow Exploit Through SIP SDP Header Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known No Reported On 6 January, 2013 Reported By Ul...
AST-2013-002: Denial of Service in HTTP server
Asterisk Project Security Advisory - AST-2013-002 Product Asterisk Summary Denial of Service in HTTP server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known None Reported On January 21, 2013 Reported By Christoph Hebeisen, TELUS...
AST-2011-003:
Product Asterisk Summary Resource exhaustion in Asterisk Manager Interface Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions if manager interface is accessible Severity Moderate Exploits Known No Reported On March 1, 2011 Reported By Blake Cornell...
AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code
Asterisk Project Security Advisory - AST-2011-002 Product Asterisk Summary Multiple array overflow and crash vulnerabilities in UDPTL code Nature of Advisory Exploitable Stack and Heap Array Overflows Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On...
AST-2010-003: Invalid parsing of ACL rules can compromise security
Asterisk Project Security Advisory - AST-2010-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Invalid parsing of ACL rules can compromise | | | security |...
AST-2010-002: Dialplan injection vulnerability
Asterisk Project Security Advisory - AST-2010-002 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Dialplan injection vulnerability |...
AST-2009-008: SIP responses expose valid usernames
Asterisk Project Security Advisory - AST-2009-008 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | SIP responses expose valid usernames |...
AST-2009-006: IAX2 Call Number Resource Exhaustion
Asterisk Project Security Advisory - AST-2009-006 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | IAX2 Call Number Resource Exhaustion |...
AST-2009-005: Remote Crash Vulnerability in SIP channel driver
Asterisk Project Security Advisory - AST-2009-005 +------------------------------------------------------------------------+ | Product | Asterisk | |---------------------+--------------------------------------------------| | Summary | Remote Crash Vulnerability in SIP channel driver |...
AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver
Asterisk Project Security Advisory - AST-2008-009 +------------------------------------------------------------------------+ | Product | Asterisk-Addons | |--------------------+---------------------------------------------------| | Summary | Remote crash vulnerability in ooh323 channel | | | driv...
AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode
Asterisk Project Security Advisory - AST-2008-008 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Remote Crash Vulnerability in SIP channel driver | | | when ru...
AST-2008-006 - 3-way handshake in IAX2 incomplete
Asterisk Project Security Advisory - AST-2008-006 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | 3-way handshake in IAX2 incomplete |...
AST-2008-003: Unauthenticated calls allowed from SIP channel driver
Asterisk Project Security Advisory - AST-2008-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Unauthenticated calls allowed from SIP channel | | | driver |...
AST-2008-002: Two buffer overflows in RTP Codec Payload Handling
Asterisk Project Security Advisory - AST-2008-002 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Two buffer overflows in RTP Codec Payload | | | Handling |...