[asterisk-bugs] [Asterisk 0015076]: [patch] Early media bridged from caller to callee allows free calls

Asterisk Bug Tracker noreply at bugs.digium.com
Fri May 6 15:13:28 CDT 2011 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=15076 
====================================================================== 
Reported By:                fnordian
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   15076
Category:                   Applications/app_dial
Reproducibility:            always
Severity:                   feature
Priority:                   normal
Status:                     confirmed
Asterisk Version:           SVN 
JIRA:                       SWP-136 
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases):  trunk 
SVN Revision (number only!): 185949 
Request Review:              
====================================================================== 
Date Submitted:             2009-05-11 06:15 CDT
Last Modified:              2011-05-06 15:13 CDT
====================================================================== 
Summary:                    [patch] Early media bridged from caller to callee
allows free calls
Description: 
Hi,
german security press reported about this last week (
http://www.heise.de/security/Lauschangriff-in-VoIP-Netzen--/artikel/137297
). The problem occurs on receiving a call and placing it to an user.
Ringing and session progress data are bridged from the callee to the caller
and that's good. The bad thing is that media-data from the caller is
forwarded to the callee. This allows among other problems free calls. I
learned that this might be wanted behavior e.g. for call centers, but it's
not good for gateways.

There should be an option for Dial() to disable the forwarding of
media-data to the callee during call-setup.
====================================================================== 

---------------------------------------------------------------------- 
 (0134601) russell (administrator) - 2011-05-06 15:13
 https://issues.asterisk.org/view.php?id=15076#c134601 
---------------------------------------------------------------------- 
This feature is fine but someone will need to update the patch for trunk. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2011-05-06 15:13 russell        Note Added: 0134601                          
======================================================================

More information about the asterisk-bugs mailing list