Multiple security flaws in Asterisk – upgrade available

Today Internet Security Systems (ISS) issued a press release announcing that they had found two vulnerabilities in the IAX2 protocol used by Asterisk. The actual security advisories can be found here and here.

A new version 1.2.10 of Asterisk was released on Saturday, July 14, to address these vulnerabilities. Users of Asterisk are, of course, strongly encouraged to upgrade.

Voice of VOIPSA

Collective thoughts and musings on the state of VoIP security today.

Multiple security flaws in Asterisk – upgrade available

Share this: