Security Advisories

Stay up to date with the latest security advisories for the
Asterisk Project.

AST-2013-003: Username Disclosure in SIP Channel Driver

March 27, 2013

http://downloads.asterisk.org/pub/security/AST-2013-003.pdf

https://downloads.asterisk.org/pub/security/AST-2013-003.pdf

AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header

March 27, 2013

http://downloads.asterisk.org/pub/security/AST-2013-001.pdf

https://downloads.asterisk.org/pub/security/AST-2013-001.pdf

AST-2012-015: Denial of Service through exploitation of device state caching

January 2, 2013

http://downloads.asterisk.org/pub/security/AST-2012-015.pdf

https://downloads.asterisk.org/pub/security/AST-2012-015.pdf

AST-2012-014: Crashes due to large stack allocations when using TCP

January 2, 2013

http://downloads.digium.com/pub/security/AST-2012-014.pdf

https://downloads.digium.com/pub/security/AST-2012-014.pdf

AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users

August 30, 2012

http://downloads.asterisk.org/pub/security/AST-2012-013.pdf

https://downloads.asterisk.org/pub/security/AST-2012-013.pdf