Asterisk.org

Security Advisories

AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code

Feb 21, 2011

http://downloads.asterisk.org/pub/security/AST-2011-002.pdf

AST-2011-001: Stack buffer overflow in SIP channel driver

Jan 18, 2011

http://downloads.asterisk.org/pub/security/AST-2011-001.pdf

AST-2010-003: Invalid parsing of ACL rules can compromise security

Feb 25, 2010

http://downloads.asterisk.org/pub/security/AST-2010-003.pdf

AST-2010-002: Dialplan injection vulnerability

Feb 18, 2010

http://downloads.asterisk.org/pub/security/AST-2010-002.pdf

T.38 Remote Crash Vulnerability

Feb 2, 2010

http://downloads.asterisk.org/pub/security/AST-2010-001.pdf

RTP Remote Crash Vulnerability

Dec 8, 2009

http://downloads.asterisk.org/pub/security/AST-2009-010.pdf

Cross-site AJAX request vulnerability

Nov 4, 2009

http://downloads.asterisk.org/pub/security/AST-2009-009.pdf

SIP responses expose valid usernames

Nov 4, 2009

http://downloads.asterisk.org/pub/security/AST-2009-008.pdf

ACL not respected on SIP INVITE

Oct 26, 2009

http://downloads.asterisk.org/pub/security/AST-2009-007.pdf

IAX2 Call Number Resource Exhaustion

Oct 5, 2009

http://downloads.asterisk.org/pub/security/AST-2009-006.pdf

Pages