[asterisk-users] Important security alert: update your dialplans now!
Miguel Molina
mmolina at millenium.com.co
Wed Feb 17 08:29:57 CST 2010
Lenz Emilitri escribió:
>
> Ok but this is available today and works fine, so it can be used as a
> zero day replacement. Any syntax change is welcome but will take time
> until it gets in a public release and does not save you the hassle to
> change the dialplans anyway - unless you implement it as a default
> behaviour at the SIP driver level. And I got a feeling that most
> people will simply not bother learning regexps....
> You could just as reasonably write a script to do the check, or run a
> check in the dialplan itself, or change Asterisk.
> l.
Ok, if I get it the simplest workaround would be changing this:
exten => _X.,1,Dial(SIP/${EXTEN})
To this:
exten => _X.,1,Dial(SIP/${FILTER(0123456789,${EXTEN})})
If you're intended to receive only numbers from the dialstring, right?
See http://www.voip-info.org/wiki/view/Asterisk+func+filter
Regards,
--
Ing. Miguel Molina
Grupo de Tecnología
Millenium Phone Center
More information about the asterisk-users
mailing list