Showing 1 - 3 of 3

Files from Jason Parker

AST-2008-003.txt: Posted Mar 19, 2008; Authored by Jason Parker | Site asterisk.org; Asterisk Project Security Advisory - Unauthenticated calls can be made via the SIP channel driver using an invalid From header. This acts similarly to the SIP configuration option 'allowguest=yes', in that calls with a specially crafted From header would be sent to the PBX in the context specified in the general section of sip.conf.; tags | advisory; advisories | CVE-2008-1332; SHA-256 | 81843cf8445447d86cc4da5431fb5f1967c5dbd9adf9c537d45cdf64851f983b; Download | Favorite | View

ASA-2007-019.txt: Posted Aug 8, 2007; Authored by Wei Wang, Jason Parker | Site asterisk.org; Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a "CAPABILITIES_RES_MESSAGE" packet where the capabilities count is greater than the total number of items in the capabilities_res_message array. Note that this requires an authenticated session.; tags | advisory; SHA-256 | 6782bf2d6ac72f8bab74a44c546cf27f72e55a525d134e95c06a05a5ff82cc07; Download | Favorite | View

ASA-2007-016.txt: Posted Jul 18, 2007; Authored by Jason Parker | Site asterisk.org; Asterisk Project Security Advisory - The Asterisk Skinny channel driver, chan_skinny, has a remotely exploitable crash vulnerability. A segfault can occur when Asterisk receives a packet where the claimed length of the data is between 0 and 3, followed by length + 4 or more bytes, due to an overly large memcpy. The side effects of this extremely large memcpy have not been investigated.; tags | advisory; advisories | CVE-2007-3764; SHA-256 | 950ae078a58d7241a19dc7a251b19e77edd52fcfa03de8eed1f658bf4850424b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days