This Metasploit module exploits a SIP username enumeration vulnerability in Asterisk. Performs a REGISTER scan for numeric peer usernames having a nat setting different to global sip nat setting. Works even when alwaysauthreject=yes. For this exploit to work, the source port cannot be 5060.
54da0d99e312b44be212dc5220e9ea0fef3a31a1f8a4b91a6f8f48f53c53ca09
Debian Linux Security Advisory 2367-1 - Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit.
c775b80295c3642a135dbde3ae832771f511ca0cfd118f13568781aff541ad60