Asterisk Project Security Advisory - An attacker can use all available file descriptors using SIP INVITE requests, which can result in a denial of service.
786ba76251ce62da4df7d6eb92f164fe200a08d34d8310287e6d97b9f289d40c
Asterisk Project Security Advisory - When authenticating via SIP with alwaysauthreject enabled, allowguest disabled, and autocreatepeer disabled, Asterisk discloses whether a user exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.
7ce9d396f6a8843def45150840621abd66a61195ea9967e14e7c6392d62f7a27
Asterisk Project Security Advisory - If a single voicemail account is manipulated by two parties simultaneously, a condition can occur where memory is freed twice causing a crash.
c4c29da204c724036feeafa9e5d1fe5e12c23b551ecfc323429909297800ebda