[asterisk-bugs] [JIRA] (ASTERISK-20622) Default enabling of the "allowguest" setting in Asterisk should be revisited, as it allows systems, by default, to be potentially vulnerable
Matt Jordan (JIRA)
noreply at issues.asterisk.org
Tue Oct 30 06:54:18 CDT 2012
[ https://issues.asterisk.org/jira/browse/ASTERISK-20622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matt Jordan updated ASTERISK-20622:
-----------------------------------
Summary: Default enabling of the "allowguest" setting in Asterisk should be revisited, as it allows systems, by default, to be potentially vulnerable (was: SIP dial without valid register)
> Default enabling of the "allowguest" setting in Asterisk should be revisited, as it allows systems, by default, to be potentially vulnerable
> --------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: ASTERISK-20622
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-20622
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/General
> Affects Versions: 1.8.11.1
> Environment: openSUSE 12.1 32bit
> Linux dmbsrv 3.1.10-1.16-pae #1 SMP Wed Jun 27 05:21:40 UTC 2012 (d016078) i686 athlon i386 GNU/Linux
> Reporter: Dirk-Michael Brosig
> Assignee: Rusty Newton
> Severity: Critical
>
> an attacker can make a dial in default context without valid authentification
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list