Home Industry News VoIP Asterisk 1.0.12 released - Security Vulnerability Fix

Thursday, 20 November 2008

Main Menu Home About us Contact us Services Partners Downloads Online Services Remote Support Helpdesk Backup Reminders Partners We ensure the highest level of vendor support for our clients & have established alliances with the following vendors: Services Spotlight System Integration   Whether you're in need of a simple file-sharing solution or a solution for a standard nation-wide remote access solution, we can determine the solution best meets your needs, and implement it. Read more...   Login Username Password Remember me Lost Password? Tech Zone Vendor Advisories Products Industry News GFI Software VMWare VoIP

Asterisk 1.0.12 released - Security Vulnerability Fix Thursday, 19 October 2006 The Asterisk Development team has released an update to Asterisk 1.0, Asterisk 1.0.12. This release contains a fix for a security vulnerability recently found in the chan_skinny channel driver (for Cisco SCCP phones). This vulnerability would enable an attacker to remotely execute code as the system user running Asterisk (frequently 'root'). The exploit does not require that the skinny.conf contain any valid phone entries, only that chan_skinny is loaded and operational. All Asterisk 1.0 users are urged to update to this release if they use the chan_skinny channel driver, or to stop loading it if it is not needed ('noload=>chan_skinny.so' in modules.conf will cause this behavior). Read more...

This page was loaded in 0.052 seconds.