what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Torrey Searle

Asterisk Project Security Advisory - AST-2020-003

Posted Dec 23, 2020

Authored by Kevin Harwell, Torrey Searle | Site asterisk.org

Asterisk Project Security Advisory - A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri. Note, the remote client must be authenticated, or Asterisk must be configured for anonymous calling in order for this problem to manifest.

tags | advisory, remote

SHA-256 | 48af91212546e76d006116dba7b12815d843a845495623b78255f9379d3b2484

Download | Favorite | View

Asterisk Project Security Advisory - AST-2016-003

Posted Feb 6, 2016

Authored by Richard Mudgett, Walter Dokes, Torrey Searle | Site asterisk.org

Asterisk Project Security Advisory - If no UDPTL packets are lost there is no problem. However, a lost packet causes Asterisk to use the available error correcting redundancy packets. If those redundancy packets have zero length then Asterisk uses an uninitialized buffer pointer and length value which can cause invalid memory accesses later when the packet is copied.

tags | advisory

SHA-256 | d61d75b2607cad2c038cf03c5bb97339a5ed2401ece282ee0a7010c19c84efbf

Download | Favorite | View