Security Advisories

Stay up to date with the latest security advisories for the
Asterisk Project.

AST-2016-004: Long Contact URIs in REGISTER requests can crash

April 14, 2016

http://downloads.asterisk.org/pub/security/AST-2016-004.pdf

https://downloads.asterisk.org/pub/security/AST-2016-004.pdf

AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data

February 3, 2016

http://downloads.asterisk.org/pub/security/AST-2016-003.pdf

https://downloads.asterisk.org/pub/security/AST-2016-003.pdf

AST-2016-002: File descriptor exhaustion in chan_sip

February 3, 2016

http://downloads.asterisk.org/pub/security/AST-2016-002.pdf

https://downloads.asterisk.org/pub/security/AST-2016-002.pdf

AST-2016-001: BEAST vulnerability in HTTP server

February 3, 2016

http://downloads.asterisk.org/pub/security/AST-2016-001.pdf

https://downloads.asterisk.org/pub/security/AST-2016-001.pdf

AST-2015-003: TLS Certificate Common Name NULL Byte Exploit

April 8, 2015

http://downloads.asterisk.org/pub/security/AST-2015-003.pdf

https://downloads.asterisk.org/pub/security/AST-2015-003.pdf