I feel it is great that Asterisk now is in the mainstream of Open Source software and that it is being scrutinized this way. I always told my Asterisk students that the manager interface is unsecure and that it needs a major improvement. I was not aware of this bug though.
Also, I am proud that the Asterisk developer team responded quickly to it, even though with a quick glance, I can't see what has been done to fix it. Regards, /Olle _______________________________________________ Asterisk-Security mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-security
