Friday, April 3, 2009

Asterisk Project Security Advisory - AST-2009-003

http://snapvoip.blogspot.com/

Asterisk Project Security Advisory - AST-2009-003

Product

Asterisk

Summary

SIP responses expose valid usernames

Nature of Advisory

Information leak

Susceptibility

Remote Unauthenticated Sessions

Severity

Minor

Exploits Known

No

Reported On

February 23, 2009

Reported By

Gentoo Linux Project: Kerin Millar ( kerframil on irc.freenode.net ) and Fergal Glynn <>

Posted On

April 2, 2009

Last Updated On

April 2, 2009

Advisory Contact

Tilghman Lesher <>

CVE Name

CVE-2008-3903

For Description, patches, fixes and more information read AST-2009-003

No comments:

Post a Comment