[asterisk-bugs] [JIRA] (ASTERISK-20622) SIP dial without valid register
Rusty Newton (JIRA)
noreply at issues.asterisk.org
Mon Oct 29 17:55:18 CDT 2012
[ https://issues.asterisk.org/jira/browse/ASTERISK-20622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rusty Newton updated ASTERISK-20622:
------------------------------------
Assignee: Dirk-Michael Brosig
Status: Waiting for Feedback (was: Triage)
I only see a failed registration in your debug. Can you attach a file demonstrating the call made into the default context without authentication? (be sure to include both VERBOSE and DEBUG message types set to level 5)
Also, can you attach your sip.conf and users.conf with passwords scrubbed?
Are you using allowguest=yes in sip.conf?
> SIP dial without valid register
> -------------------------------
>
> Key: ASTERISK-20622
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-20622
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/General
> Affects Versions: 1.8.11.1
> Environment: openSUSE 12.1 32bit
> Linux dmbsrv 3.1.10-1.16-pae #1 SMP Wed Jun 27 05:21:40 UTC 2012 (d016078) i686 athlon i386 GNU/Linux
> Reporter: Dirk-Michael Brosig
> Assignee: Dirk-Michael Brosig
> Severity: Critical
>
> an attacker can make a dial in default context without valid authentification
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list