[Asterisk-Users] Asterisk Security vulnerability report
Steven Critchfield
critch at basesys.com
Tue Sep 9 13:36:15 MST 2003
On Tue, 2003-09-09 at 15:23, Brian Jones wrote:
> I heard about this a while ago too. How come I didn't hear anything about
> it from asterisk-announce? (at least I don't recall receiving any emails
> about it.
>
> Also, is there any plans in the future to create a stable and development
> branches of code? Upgrading to the lastest CVS version may be difficult for
> some who have complex installations. It would be easier just to recieve a
> patch for the stable version.
Depending on your installation, you may just want to turn off SIP
support to anything not currently supporting SIP. All you need to do is
add a noload=chan_sip.so to the modules.conf file. This is what I did to
our main switch as it has no need for SIP support. SIP can be handled by
a non critical machine and linked to the critical PSTN switch via IAX if
I need it to.
> ----- Original Message -----
> From: "Lubomir Christov" <voip at minitelecom.org>
> To: <asterisk-users at lists.digium.com>; <asterisk-dev at lists.digium.com>
> Sent: Tuesday, September 09, 2003 3:54 PM
> Subject: [Asterisk-Users] Asterisk Security vulnerability report
>
>
> > Hello,
> >
> > today I found this security report regarding Asterisk SIP Security.
> >
> > http://www.securiteam.com/securitynews/5LP0720B5G.html
> >
> > Maybe It could help somebody who isn't using a newer than 15th of August
> > cvs version.
> >
> > Best regards
> > Lubo
> >
> > _______________________________________________
> > Asterisk-Users mailing list
> > Asterisk-Users at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-users
> >
> >
>
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
--
Steven Critchfield <critch at basesys.com>
More information about the asterisk-users
mailing list