Huge thanks to Joshua Colp for mirroring services

A few Cisco security vulnerabilities

Share on Twitter Digg this story Click to view a printable version Wed, 23 Sep 2009 20:13:11 -0300

thumnail

There have been a few Cisco vulnerabilities posted on bugtraq this morning. While not directly related to Asterisk I thought I would post them in case people are using Cisco gear:

Cisco Security Advisory: Cisco IOS Software H.323 Denial of Service Vulnerability

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol (SIP) Denial of Service Vulnerability

Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol (SIP) Denial of Service Vulnerability

Cisco Security Advisory: Cisco Unified Communications Manager Express Vulnerability


You haven't voted yet! Vote:
Current Rating: 7.5/10 (2 votes)

Comments (Click to post)

Comments
Name:
Subject:
Website:
Message: 

Similar Articles (Based on Title)

*-CVS: A few changes of note - January 6, 2005
RAWplayer, wctdm and fxotune commits have occured.

Need a few volunteers - August 4, 2006
I need a couple of volunteers to have a look at a new SineApps website and give me their opinions.

Vulnerabilities in Cisco VOIP - July 17, 2005
Trixter has posted details of the discovery of 5 new security holes in Cisco CM.

CORE-2006-0327: IAXclient truncated frames vulnerabilities - June 13, 2006
Core Security Technologies have posted details of a security hole in IAXclient to Bugtraq.

Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11) - August 25, 2006
MuLabs has posted details of multiple vulnerabilities in Asterisk 1.2.10

Bugtraq: CounterPath eyeBeam Handing SIP header Vulnerabilities - September 22, 2006
CounterPath (formerly Xten) has responded to a post on a DOS in Eyebeam.

Two OpenSER Vulnerabilities - December 29, 2006
While not strictly Asterisk related, a lot of you may be using OpenSER in conjunction with Asterisk to provide SIP gateway facilities. There have been two security vulnerabilities posted to BugTraq today.

Openfire Jabber-Server: Multiple Vulnerabilities - November 11, 2008
Andreas Kurtz has posted details of multiple vulnerabilities in the Openfire Jabber server including Authentication Bypass and SQL injection.

Openfire Jabber-Server: Multiple Vulnerabilities - November 11, 2008
Andreas Kurtz has posted details of multiple vulnerabilities in the Openfire Jabber server including Authentication Bypass and SQL injection.

Cryptome: Cisco Holes - November 15, 2004
Rajiv Aaron Manglani has let us know that the Cryptome has posted details of holes in the Cisco 7960/7940 phones.

Small PHP script for displaying * CID database in Cisco 7940/60 XML - February 8, 2005
Stefan Gofferje has posted details of a PHP script he has developed.

Cisco to buy Sipura - April 27, 2005
Cory Andrews has posted a link to a news story about Cisco buying Sipura. At least you can't say you didn't see this coming!

*-Dev: New chan_sccp release adds support for Cisco 7970 - May 1, 2005
Julien Goodwin has posted details of the latest release of chan_sccp.

Cisco Call Manager And Asterisk for Voicemail - May 27, 2005
Shaun Ewing has posted detail of a pdf he's written for integrating Cisco Call Manager And Asterisk.


Original Content (C) 2004-2010 Matt Riddell
Back 5  Feed Add to Google Subscribe with Bloglines
Go to today

Icons by: FastIcon.com


Back to life
July 21, 2010 Average Vote: 10
Hey all - I am back online after some pretty big projects which have taken all my time. Will be updating the Asterisk news over the next few days.

Nerd Vittles: Building a Bluetooth Proximity Detection System with Asterisk
December 12, 2005 Average Vote: 10
The Nerd Vittles site has an article on proximity detection using Asterisk and a TomTom GPS

Automated Testing Update
July 30, 2010 Average Vote: 10
Russell Bryant has posted details of a new mailing list for automated testing of Asterisk and some information on the progress that has been made. There is no way to say how important I think this work is. It really makes a huge difference to Asterisk and the ability to use it in an enterprise environment. Really great work.

VoIP-Info: FFasterisk Video file converter
August 25, 2006 Average Vote: 10
The wiki has a link to a new piece of software for converting video to the format required for Asterisk.

Code Review: SRTP support for Asterisk
March 12, 2009 Average Vote: 10
Terry Wilson has moved his SRTP branch onto the Digium review board.

HumBug - Pre BETA Launch Registration
July 27, 2010 Average Vote: 10
Nir Simionovich has posted details of the beta of the new call analytics service.

Interview with BKW_
December 7, 2004 Average Vote: 10
We've finally completed our interview with BKW. Hope you like! :-)

SlashDot: GSM and Asterisk Integration
August 21, 2005 Average Vote: 10
There is a post up on SlashDot which talks about using cellphones with Asterisk.

Interview with Mark Spencer
November 26, 2004 Average Vote: 9.9
We have managed to get an interview with Mark Spencer AKA Markster. Mark Spencer is the creator of Asterisk and by far the most active developer.

Asterisk and Kamailio realtime integration tutorial
May 24, 2010 Average Vote: 9.9
Daniel-Constantin Mierla has posted a link to a tutorial on integrating Asterisk and Kamailio using realtime.

Asterisk IPv6 update
February 1, 2010 Average Vote: 9.8
Olle has posted an update on IPV6 in Asterisk and a link to a blog post of his.

Proposal for T.38 transparent gateway design in Asterisk
April 29, 2010 Average Vote: 9.8
Kevin Fleming has posted a proposed design for a transparent T.38 gateway for Asterisk:

Asterisk Monitoring with iPhone and iPod touch
February 12, 2010 Average Vote: 9.7
For the past couple of weeks I have been working on an app that allows you to monitor and restart Asterisk servers.

Monitoring Asterisk with Munin
January 7, 2010 Average Vote: 9.7
I had a few requests for these munin plugins after some discussion on one of the Asterisk lists and thought people might like them.

New Zealand Asterisk Voices
March 2, 2006 Average Vote: 9.7
Chris Hodgetts has posted details of recordings of Asterisk Sounds with a New Zealand accent.


Automated Testing Update
July 30, 2010
Russell Bryant has posted details of a new mailing list for automated testing of Asterisk and some information on the progress that has been made. There is no way to say how important I think this work is. It really makes a huge difference to Asterisk and the ability to use it in an enterprise environment. Really great work.

Asterisk 1.8.0-beta2 Now Available
July 28, 2010
The Asterisk Development Team has announced the release of Asterisk 1.8.0-beta2.

HumBug - Pre BETA Launch Registration
July 27, 2010
Nir Simionovich has posted details of the beta of the new call analytics service.

Branch Merging Changes
July 26, 2010
Russell Bryant has posted details of some changes to the way developers need to commit code to Asterisk because of the newly released 1.8 branch.

Asterisk 1.8.0-beta1 is Now Available
July 26, 2010
The Asterisk Development Team has announced the release of Asterisk 1.8.0-beta1. This release marks the beginning of the testing process for the eventual release of Asterisk 1.8.0.

Asterisk 1.6.2.10 Now Available
July 26, 2010
The Asterisk Development Team has announced the release of Asterisk 1.6.2.10.

Asterisk 1.4.34 Now Available
July 26, 2010
The Asterisk Development Team has announced the release of Asterisk 1.4.34.

AppleRaisin - AstDB over realtime
July 23, 2010
Olle has posted a note about his awesome AppleRaisin branch which provides the ability to store AstDB in realtime. This would make for a much simpler failover and clustering situation.

QueueMetrics 1.6.1 released
July 22, 2010
Lenz has posted a note to inform us that QueueMetrics version 1.6.1 has been released. This release offers a large number of bug fixes, misc improvements and new developements including hotdesking.

Asterisk 1.8 Branch Creation
July 22, 2010
Russell Bryant has posted a note to inform us of the creation of the 1.8 branch of Asterisk.