[asterisk-users] Important security alert: update your dialplans now!

Landy Landy landysaccount at yahoo.com
Tue Feb 16 16:38:34 CST 2010


I have this:

[menu]
exten => _X.,1,answer()
exten => _X.,2,wait(1)
exten => _X.,n,GoTo(ivr,s,1)


[default]
include => record
include => incoming
include => menu

[local-dial]
exten => _1XX,1,Verbose("..... In local-dial context, dialing exten: ${EXTEN} ....."
exten => _1XX,2,Dial(SIP/${EXTEN},20,tTmkKhHWw)
exten => _1XX,n,voicemail(${EXTEN},u)
exten => _1XX,n,Hangup()
include => agents
include => queue
include => local-iax
include => voicemail
include => timeofday
include => parkedcalls
include => pickup
include => to_client
include => test-agi

include => menu

that goes to an ivr. Can this be a security bridge?



--- On Mon, 2/15/10, Tony Mountifield <tony at softins.clara.co.uk> wrote:

> From: Tony Mountifield <tony at softins.clara.co.uk>
> Subject: Re: [asterisk-users] Important security alert: update your dialplans now!
> To: asterisk-users at lists.digium.com
> Date: Monday, February 15, 2010, 11:58 AM
> In article <699ee941002150033t7c6e1be5xdba76cb0f68d5c39 at mail.gmail.com>,
> Lenz Emilitri <lenz.loway at gmail.com>
> wrote:
> > -=-=-=-=-=-
> > -=-=-=-=-=-
> > 
> > Or one could simply rewrite to:
> > 
> > [incoming-from-voip]
> > exten =>
> XXXXXXX,1,Dial(${EXTEN}@incoming-from-voip-old)
> > exten =>
> XXXXXXXX,1,Dial(${EXTEN}@incoming-from-voip-old)
> > exten =>
> XXXXXXXXX,1,Dial(${EXTEN}@incoming-from-voip-old)
> > exten =>
> XXXXXXXXXX,1,Dial(${EXTEN}@incoming-from-voip-old)
> > 
> > [incoming-from-voip-old]
> > exten => _X., 1, dial(SIP/${EXTEN})
> > 
> > To avoid extensive rewriting and fix the current
> issue.
> > l.
> 
> Don't forget you still need the underscore to make X
> magic:
> 
> exten =>
> _XXXXXXX,1,Dial(${EXTEN}@incoming-from-voip-old)
> 
> etc.
> 
> Tony
> -- 
> Tony Mountifield
> Work: tony at softins.co.uk
> - http://www.softins.co.uk
> Play: tony at mountifield.org
> - http://tony.mountifield.org
> 
> -- 
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
> 


      



More information about the asterisk-users mailing list