Asterisk Project Security Advisory - It is possible for a user of the Asterisk Manager Interface to bypass a security check and execute shell commands when they should not have that ability. Sending the "Async" header with the "Application" header during an Originate action allows authenticated manager users to execute shell commands. Only users with the "system" privilege should be able to do this.
31ede85ee7d0cff21021d4dd6f89dfc438a48a6a387fbe72033246f6071a6e17
Asterisk Project Security Advisory - When decoding UDPTL packets, multiple stack- and heap-based arrays can be made to overflow by specially crafted packets. Systems doing T.38 pass-through or termination are vulnerable.
9b947dd4fce8b8d4d6dc7c6bc47a02bc75f6c9d8097ebaa822eda51e67ad2705
Asterisk Project Security Advisory - When forming an outgoing SIP request while in pedantic mode, a stack buffer can be made to overflow if supplied with carefully crafted caller ID information. This vulnerability also affects the URIENCODE dialplan function and, in some versions of Asterisk, the AGI dialplan application as well. The ast_uri_encode function does not properly respect the size of its output buffer and can write past the end of it when encoding URIs.
caddb62e55ea8e3118ad497b8c0c7b872b631262ea738692d4e6d87bdccb05d9