[Asterisk-bugs] [Asterisk 0007904]: Transfer capability is inherited by a channel after being transfered via atxfer
noreply at bugs.digium.com
noreply at bugs.digium.com
Fri Jul 13 18:01:04 CDT 2007
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=7904
======================================================================
Reported By: k-egg
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 7904
Category: Applications/app_dial
Reproducibility: always
Severity: major
Priority: high
Status: confirmed
Asterisk Version: 1.2.11
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Disclaimer on File?: No
Request Review:
======================================================================
Date Submitted: 09-08-2006 06:37 CDT
Last Modified: 07-13-2007 18:01 CDT
======================================================================
Summary: Transfer capability is inherited by a channel after
being transfered via atxfer
Description:
PhoneA calls PhoneB (221)
by Dial("mISDN/12-1", "mISDN/1/221|15|tr")
PhoneA is not allowed to initiate transfers at that time.
PhoneB is allowed to.
PhoneB transfers PhoneA to PhoneC(208) (attended trans)
by Dial("Local/208 at isdn-nt-1-bcec,2", "mISDN/8/208|15|")
now PhoneA now is allowed to initiate transfers:
for example:
exten => 1,1,Playback(tt-monkeys)
cli output:
- Started music on hold, class 'default', on Local/208 at isdn-nt-1-bcec,1
-- Playing 'pbx-transfer' (language 'de')
-- Executing Playback("Local/1 at macro-dial_intern-e687,2",
"tt-monkeys") in new stack
-- Playing 'tt-monkeys' (language 'en')
Is this a bug? a feature? or designed to behave like this?
wondering...
kegg
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
has duplicate 0010198 Important vulnerability after native tr...
======================================================================
----------------------------------------------------------------------
ibc - 07-13-07 18:01
----------------------------------------------------------------------
As I've reported in bug http://bugs.digium.com/view.php?id=10198 this big
vulnerability occurs too with blind
transfer, not just attended transfer.
http://bugs.digium.com/view.php?id=10198
This is very serious problem, I can't believe why there is not more
activity around it.
Issue History
Date Modified Username Field Change
======================================================================
07-13-07 18:01 ibc Note Added: 0067376
======================================================================
More information about the asterisk-bugs
mailing list