exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from David Vossel

Asterisk Project Security Advisory - AST-2010-001

Posted Feb 3, 2010

Authored by David Vossel | Site asterisk.org

Asterisk Project Security Advisory - An attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or exceptionally large value. The same crash occurs when the FaxMaxDatagram field is omitted from the SDP as well.

tags | advisory

advisories | CVE-2010-0441

SHA-256 | e389de5a471316312db8c85329ef64fc51d31e57f6900226fbee9f94d1d8b6de

Download | Favorite | View

Asterisk Project Security Advisory - AST-2009-010

Posted Dec 1, 2009

Authored by David Vossel | Site asterisk.org

Asterisk Project Security Advisory - An attacker sending a valid RTP comfort noise payload containing a data length of 24 bytes or greater can remotely crash Asterisk.

tags | advisory

advisories | CVE-2009-4055

SHA-256 | 36b56a28380039e2532e434853000794f007a636a0fa262cd6df0be8b4ee65e2

Download | Favorite | View