FreePBX / PBX in a Flash IAX2
From VoIP.ms Wiki
90210chris (Talk | contribs) |
90210chris (Talk | contribs) (→FreePBX / PBX in a Flash (IAX2)) |
| Line 6: | Line 6: | ||
| - | ==FreePBX / PBX in a Flash (IAX2)== | + | ==FreePBX / PBX in a Flash (IAX2) Configuration== |
https://www.voip.ms/m/samples/images/freepbxiax.gif | https://www.voip.ms/m/samples/images/freepbxiax.gif | ||
Revision as of 16:59, 24 October 2014
Important Security Information
We are aware of a critical exploit affecting all FreePBX versions prior to 12. This zero-day Remote Code Execution and Privilege Escalation exploit allows users to bypass authentication and gain ‘Full Administrator’ access to the FreePBX server when the ‘FreePBX ARI Framework module/Asterisk Recording Interface (ARI)’ is present on the system. The vulnerability may give any unauthorized user full remote code execution access as the user running the Apache process. Systems that were updated to version 12 from a prior version can also be affected if the legacy FreePBX ARI Framework module was not removed.
The freepbx.org website has recommendations for protecting against this issue: http://www.freepbx.org/node/92822
FreePBX / PBX in a Flash (IAX2) Configuration
Fill in the blanks with your information. Please note that the images above are just examples.

    type=friend
    username=100000 (Replace with your 6 digit Main SIP Account User ID or Sub Account username, i.e. 123456 or 123456_sub)
    secret=***** (password associated with the Main or Sub-account)
    context=from-trunk
    host=atlanta.voip.ms (one of our multiple servers, you can choose the one closer to your location)
    disallow=all
    allow=ulaw
    insecure=port,invite
    requirecalltoken=no
    qualify=yes

Register String: youraccountnumber:[email protected]:4569
NOTE: The trunk name should be set to voipms in lowercase. Otherwise you may have issues with incoming calls.
If the trunk name is not specifically set to voipms, the following error may result on inbound calls: "Call rejected, CallToken Support required."
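
A pre-flight check for the settings above, written as an added example (it is not VoIP.ms or FreePBX code): it validates the trunk name, account format, codec order and register string described on this page before they are pasted into the trunk form. The function names, the `account:password@host:port` register layout and the sample secret are assumptions made for the illustration.

```python
import re

# Constructed sample values; substitute your own account details.
SAMPLE_PEER = """\
type=friend
username=123456_sub
secret=example-secret
context=from-trunk
host=atlanta.voip.ms
disallow=all
allow=ulaw
insecure=port,invite
requirecalltoken=no
qualify=yes
"""
SAMPLE_REGISTER = "123456_sub:example-secret@atlanta.voip.ms:4569"

ACCOUNT_RE = re.compile(r"^\d{6}(_\w+)?$")
REGISTER_RE = re.compile(r"^([^:@\s]+):([^@\s]+)@([^:@\s]+):(\d+)$")

def parse_peer(text):
    """Return (key, value) pairs in file order; order matters for disallow/allow."""
    pairs = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop Asterisk ';' comments
        if "=" in line:
            key, value = line.split("=", 1)
            pairs.append((key.strip().lower(), value.strip()))
    return pairs

def check_trunk(trunk_name, peer_text, register):
    """Return a list of problems; an empty list means the settings are consistent."""
    pairs = parse_peer(peer_text)
    peer = dict(pairs)
    keys = [k for k, _ in pairs]
    problems = []
    if trunk_name != "voipms":
        problems.append("trunk name must be exactly 'voipms' (lowercase)")
    if not ACCOUNT_RE.match(peer.get("username", "")):
        problems.append("username is not a 6-digit account or 123456_sub style sub-account")
    if set(peer.get("secret", "*")) <= {"*"}:
        problems.append("secret is missing or still the ***** placeholder")
    if "disallow" not in keys or "allow" not in keys or keys.index("disallow") > keys.index("allow"):
        problems.append("disallow=all must come before allow=")
    m = REGISTER_RE.match(register)
    if not m:
        problems.append("register string is not account:password@host:port")
    elif m.groups()[:3] != tuple(peer.get(k) for k in ("username", "secret", "host")):
        problems.append("register string does not match username/secret/host")
    return problems
```

A peer block that still carries the parenthetical notes from the template is reported as well, because the note text ends up inside the parsed value.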
