Asterisk security : ACL not respected on SIP INVITE

A missing ACL check for handling SIP INVITEs allows a device to make calls on networks intended to be prohibited as defined by the “deny” and “permit” lines in sip.conf. The ACL check for handling SIP  registrations was not affected.

http://www.asterisk.org/security

Comments

• Recently Written

  • You do not appear to have the sources for the `uname -r` kernel installed.
  • Foniva just launch a new call center software
  • Asterisk configuration templates. Use the (+) option
  • Asterisk : spy a conversation
  • Install asterisk on ubuntu (apt-get)
  • Asterisk security : ACL not respected on SIP INVITE
  • Asterisk and others PBX monitoring
  • Asterisk: send and receive fax
  • asterisk : Run linux command from asterisk cli
  • Asterisk security : AST-2009-004: Remote Crash Vulnerability in RTP stack

• Categories

  • Tricks
  • Uncategorized

• Archives

  • July 2010
  • May 2010
  • January 2010
  • November 2009
  • October 2009
  • August 2009
  • July 2009
  • June 2009
  • March 2009
  • February 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008

• Admin

  • Log in
  • WordPress
  • XHTML

•