107 items tagged "asterisk"
Related tags: vulnerability, stack buffer, enumeration, username, malformed request, buffer overflow, tls, tcp, shell commands, remote, pbx, null pointer, multiple, interface, dsa, buffer, resource exhaustion, manager, command execution, project security, project, security, window of time, voip, updtl, tls server, source port, shell, segmentation fault, rport, resource, phorensix, pedantic mode, packets, nat force, nat, forensics, faxmaxdatagram, exhaustion, enumerator, attacker, arrays, vulnerabilities, skinny channel, shell command, service, sdp, safer use, my pbx, manager users, heap, hacks, glsa, field, driver, command, buffer overflow vulnerability, buffer overflow vulnerabilities, based buffer overflow, arbitrary command, security advisory, xss, wolfram alpha api, wolfram alpha, wolfram, video, version, variable string, usa, unauthorized shell, txt, tiny computer, telephone company, telephone, strom carlson, strom, srtp, slides, siri, sip channel, sheevaplug, schulman, remote security, regression, recording, ratchet, privilege escalation vulnerability, phishing, personal assistant, notation, misc, manager user, jay schulman, home, header, greg, exten, escalation, elastix, dialplan, denial of service attack, contact, company, cidr notation, cidr, bundle, bugtraq, black hat, ast, assistant, api, access permission, sip, manager interface, service vulnerability, denial of service, user
16:07 - Packet Storm Security Advisories
Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the SIP channel driver if a SIP UPDATE request is processed within a particular window of time.

16:06 - Packet Storm Security Advisories
Asterisk Project Security Advisory - In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun.

16:04 - Packet Storm Security Advisories
Asterisk Project Security Advisory - A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any functions or applications that run system commands.

20:07 - Packet Storm Security Advisories
Asterisk Project Security Advisory - An attacker attempting to connect to an HTTP session of the Asterisk Manager Interface can send an arbitrarily long string value for HTTP Digest Authentication. This causes a stack buffer overflow, with the possibility of remote code injection.

15:01 - Hack a Day
So you can spend a bundle on a new phone and it comes with a voice-activated digital assistant. But let's be honest, it's much more satisfying if you coded up this feature yourself. Here's a guide on doing just that by combining an Asterisk server with the Wolfram Alpha API. Asterisk is a package we [...]

8:24 - Packet Storm Security Exploits
This Metasploit module exploits a SIP username enumeration vulnerability in Asterisk. Performs a REGISTER scan for numeric peer usernames having a nat setting different to global sip nat setting. Works even when alwaysauthreject=yes. For this exploit to work, the source port cannot be 5060.

9:22 - Packet Storm Security Advisories
Asterisk Project Security Advisory - It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. In 1.4 and 1.6.2, this would mean if one setting was nat=yes or nat=route and the other was either nat=no or nat=never. In 1.8 and 10, this would mean when one was nat=force_rport or nat=yes and the other was nat=no or nat=comedia.

16:11 - Packet Storm Security Advisories
Asterisk Project Security Advisory - Asterisk suffers from a denial of service vulnerability. When the "automon" feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Asterisk to dereference a NULL pointer and crash.

14:47 - Packet Storm Security Advisories
Asterisk Project Security Advisory - The SIP channel driver allows a remote authenticated user the ability to cause a crash with a malformed request due to an uninitialized variable.

17:14 - SecuriTeam
A Privilege escalation vulnerability was discovered in Asterisk Manager User Shell.

17:09 - SecuriTeam
A Denial of Service vulnerability was identified on systems that have the Asterisk Manager Interface, Skinny, SIP over TCP, or the built in HTTP server enabled.

19:00 - Packet Storm Security Advisories
Asterisk Project Security Advisory - Asterisk may respond differently to SIP requests from an invalid SIP user than it does to a user configured on the system, even when the alwaysauthreject option is set in the configuration. This can leak information about what SIP users are valid on the Asterisk system.

21:39 - Packet Storm Security Advisories
Asterisk Project Security Advisory - If a remote user initiates a SIP call and the recipient picks up, the remote user can reply with a malformed Contact header that Asterisk will improperly handle and cause a crash due to a segmentation fault.

17:19 - Packet Storm Security Recent Files
Asterisk Project Security Advisory - It is possible for a user of the Asterisk Manager Interface to bypass a security check and execute shell commands when they should not have that ability. Sending the "Async" header with the "Application" header during an Originate action allows authenticated manager users to execute shell commands. Only users with the "system" privilege should be able to do this.

16:58 - Packet Storm Security Advisories
Asterisk Project Security Advisory - On systems that have the Asterisk Manager Interface, Skinny, SIP over TCP, or the built in HTTP server enabled, it is possible for an attacker to open as many connections to asterisk as he wishes. This will cause Asterisk to run out of available file descriptors and stop processing any new calls. Additionally, disk space can be exhausted as Asterisk logs failures to open new file descriptors.

6:53 - Packet Storm Security Advisories
Asterisk Project Security Advisory - The Asterisk TCP/TLS server suffers from a denial of service vulnerability. Versions 1.6.1.x, 1.6.2.x, and 1.8.x are all affected.

6:50 - Packet Storm Security Advisories
Asterisk Project Security Advisory - The Asterisk Manager Interface suffers from a denial of service vulnerability. Versions 1.6.1.x, 1.6.2.x, and 1.8.x are all affected.

15:06 - Packet Storm Security Advisories
Asterisk Project Security Advisory - When decoding UDPTL packets, multiple stack and heap based arrays can be made to overflow by specially crafted packets. Systems doing T.38 pass through or termination are vulnerable.

13:23 - Packet Storm Security Advisories
Asterisk Project Security Advisory - When forming an outgoing SIP request while in pedantic mode, a stack buffer can be made to overflow if supplied with carefully crafted caller ID information. This vulnerability also affects the URIENCODE dialplan function and in some versions of asterisk, the AGI dialplan application as well. The ast_uri_encode function does not properly respect the size of its output buffer and can write past the end of it when encoding URIs.

7:19 - Packet Storm Security Tools
Phorensix is a post-login VoIP forensics tool created for Asterisk (tested on Asterisk 1.4.5 to be exact). Phorensix takes a look at a rogue host connecting to a vulnerable account. Who is connecting, where are they coming from, what are they doing to my PBX, what are they doing ON MY PBX.

22:08 - SecuriTeam
This is a Denial of Service attack against Asterisk when negotiating T.38 over SIP.

21:00 - Packet Storm Security Advisories
Asterisk Project Security Advisory - An attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or exceptionally large value. The same crash occurs when the FaxMaxDatagram field is omitted from the SDP as well.

5:28 - Hack a Day
[Greg] has been working on a version of Debian/ FreePBX/ Asterisk for people to be able to drop onto a SheevaPlug. If you haven't seen it, the SheevaPlug is a tiny computer housed in a wall plug. They made some waves when they were announced last year, and we've spoken of them several times. [Greg] [...]