Softphone Embedded in web page

May 27, 2008

Hello List,

Mexuar Communications have a softphone solution - Corraleta.

Corraleta is a java applet so the size of the softphone is tiny at 125kb,
there is no software to download, its platform independent and you can
customise the front end so instead of a button you can design a keypad to
make it have the look and feel of a phone.

More info can be found on the blog http:\\mexuarapps(dot)blogspot(dot)com

Any readers wishing to try out Corraleta we can cut a test licence. Please
contact me off list.

Thanks for reading.

Regards,

Charles.

Charles Woods
Sales & Marketing Dir.
Mexuar Communications Ltd
Tel +44 (0)161 866 0028
Mobile +44 (0)7894 338260
www.mexuar.com

Written by Voip Phreak · Filed Under News, Products

500$ Prize to Jabberd2 Bounty Fixers – Programmers? This one is for you.

May 23, 2008

Found on the jadmin list today.. get to work!

I'm offering a $500 bounty (and a Chesspark t-shirt) to anyone who can
fix the memory leak(s) in the session manager component of jabberd2.
You can find more info here:

http://metajack.wordpress.com/2008/05/22/want-500-help-us-fix-jabberd2/

jack.

Written by Voip Phreak · Filed Under Jabber, News

New Asterisk Solution claims to support Microsoft Exchange 2007 and MS Office Comm Server 2007… reallllly?

May 23, 2008

Yup, it appears so, however keep in mind this was some spam sent to a user of the biz list, so who really knows till someone tests it out. If you're reading this ICS, and want to send us a development box, we'd love to test it and review it for you :)

well, here is the first windows solution that I have seen via SPAM.

while the spam msg claimed:
ics offers the enterprise customer a key component in the unified telephony network - the TopGate & VS1000 gateway - which connects the existing legacy telephony PBX with microsoft exchange server 2007 & MS office communications server 2007
http://www.icstel.com/trunkgw.html

anyone else see this?
daveC

http://www.icstel.com/topgate.html

Top-Gate Specifications

Interfaces
RJ21

FXS RJ21 POTS: 1 (24FXS); 2 (48FXS)

FXO RJ21 POTS: 1 (16FX0);

RJ21 POTS Connector

Champ 50

Ethernet Interface Connector

RJ-45 or 10/100 Base-T, with auto sensing

Voice Processing

Voice Codec

G.711, G.729, G .723.1, GSM, and iLBC

Echo Cancellation

G. 168; 0-128ms

Jitter Buffer

Dynamic

Calling Control

Calling/Called Number Mapping; Line Hunt

Fax Processing

T.30, T.38 Fax Relay

Gateway Configuration

Web based user Interface; Text based configuration

Remote Provisioning

Through HTTP/WEB mode

Signaling

Off hook Detection

FXS loop start and DDI

VoIP Protocols

SIP and MGCP;

Supports gateway-gateway direct routing and gateway- gatekeeper assisted routing mode

DTMF

DTMF Digits Transmit: RFC2833, INFO (SIP)

Max Line Length

3000 meters

Environmental Requirements

Ringing Voltage

60 V RMS

Input Voltage

110~240 AC; 50~60Hz; input current 1AMP

Power Consumption

70 W (Max.)

Dimension (H x W x D)

4.4 x 44 x 44 cm; in one rack unit tall chassis

Weight

10kg

Operating Environmental

0 to 40°C, Non-Condensing Humidity 10% to 95%

Non-Operating Environmental

-10 to 60°C

Written by Voip Phreak · Filed Under News

Meet you at Asterisk-tag in Berlin!

May 22, 2008

Friends,

Next week in Berlin there will be a high density of Asterisk users and
developers. Asterisk-tag is organised again and this year Mark
Spencer, Kevin Fleming and myself will be speaking on Monday. On
Tuesday, I will run a workshop on Asterisk and SIP, followed by a
workshop on SER held by Daniel Mierla and Elena Modroiu. A very good
oppurtunity to meet developers, ask questions and discuss cool ideas.

http://www.asterisk-tag.org/wiki/Hauptseite

See you in Berlin!

Written by Voip Phreak · Filed Under Meets, News

/home/putnopvut/asa/AST-2008-007/AST-2008-007: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised

May 22, 2008

Asterisk Project Security Advisory - AST-2008-007

+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Asterisk installations using cryptographic keys |
| | generated by Debian-based systems may be using a |
| | vulnerable implementation of OpenSSL |
|--------------------+---------------------------------------------------|
| Nature of Advisory | Compromised cryptographic keys |
|--------------------+---------------------------------------------------|
| Susceptibility | Users of RSA for IAX2 authentication and users of |
| | DUNDi |
|--------------------+---------------------------------------------------|
| Severity | Critical |
|--------------------+---------------------------------------------------|
| Exploits Known | None specific to Asterisk, but OpenSSL exploits |
| | are circulating |
|--------------------+---------------------------------------------------|
| Reported On | 13 May 2008 |
|--------------------+---------------------------------------------------|
| Reported By | Luciano Bello |
|--------------------+---------------------------------------------------|
| Posted On | May 16, 2008 |
|--------------------+---------------------------------------------------|
| Last Updated On | May 22, 2008 |
|--------------------+---------------------------------------------------|
| Advisory Contact | Mark Michelson < mmichelson AT digium DOT com > |
|--------------------+---------------------------------------------------|
| CVE Name | CVE-2008-0166 |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Description | The Debian team recently announced that cryptographic |
| | keys generated by their OpenSSL package were created |
| | using a random number generator with predictable |
| | results. This affects Debian's stable and unstable |
| | distributions, as well as Debian-derived systems such as |
| | Ubuntu. See the links in the "Links" session of this |
| | advisory for more information about the vulnerability. |
| | |
| | Asterisk is not directly affected by this vulnerability; |
| | however, Asterisk's 'astgenkey' script uses OpenSSL in |
| | order to generate cryptographic keys. Therefore, |
| | Asterisk users who use RSA for authentication of IAX2 |
| | calls and who use DUNDi may be using compromised keys. |
| | This vulnerability affects any such installation whose |
| | cryptographic keys were generated on a Debian-based |
| | system, even if the Asterisk installation itself is not |
| | on a Debian-based system. |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Resolution | Since this is not a vulnerability in Asterisk itself but |
| | in a tool that Asterisk uses, there will be no new |
| | releases made; however, users who are affected by the |
| | Debian OpenSSL vulnerability are strongly encouraged to |
| | upgrade their package of OpenSSL to an uncompromised |
| | version (version 0.9.8c-4 or later) and regenerate all |
| | keys used by Asterisk. |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Affected Versions |
|------------------------------------------------------------------------|
| Product | Release Series | |
|-----------------------------------+----------------+-------------------|
| Asterisk Open Source | 1.0.x | N/A |
|-----------------------------------+----------------+-------------------|
| Asterisk Open Source | 1.2.x | N/A |
|-----------------------------------+----------------+-------------------|
| Asterisk Open Source | 1.4.x | N/A |
|-----------------------------------+----------------+-------------------|
| Asterisk Business Edition | A.x.x | N/A |
|-----------------------------------+----------------+-------------------|
| Asterisk Business Edition | B.x.x | N/A |
|-----------------------------------+----------------+-------------------|
| Asterisk Business Edition | C.x.x | N/A |
|-----------------------------------+----------------+-------------------|
| AsteriskNOW | pre-release | N/A |
|-----------------------------------+----------------+-------------------|
| Asterisk Appliance Developer Kit | 0.x.x | N/A |
|-----------------------------------+----------------+-------------------|
| s800i (Asterisk Appliance) | 1.0.x | N/A |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Corrected In |
|------------------------------------------------------------------------|
| Product | Release |
|------------------------------------+-----------------------------------|
| N/A | N/A |
|------------------------------------+-----------------------------------|
|------------------------------------+-----------------------------------|
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Links | http://www.debian.org/security/2008/dsa-1571 |
| | |
| | http://wiki.debian.org/SSLkeys |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Asterisk Project Security Advisories are posted at |
| http://www.asterisk.org/security |
| |
| This document may be superseded by later versions; if so, the latest |
| version will be posted at |
| http://downloads.digium.com/pub/security/AST-2008-007.pdf and |
| http://downloads.digium.com/pub/security/AST-2008-007.html |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Revision History |
|------------------------------------------------------------------------|
| Date | Editor | Revisions Made |
|-------------------+----------------------+-----------------------------|
| May 15, 2008 | Mark Michelson | Initial advisory |
+------------------------------------------------------------------------+

Asterisk Project Security Advisory - AST-2008-007
Copyright (c) 2008 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.

Written by Voip Phreak · Filed Under News, Security

ejabberd 2.0.1 released

May 21, 2008

Hello,

ejabberd 2.0.1 is a maintenance release version. You can download it from:
http://www.process-one.net/en/ejabberd/downloads

The release note is available on:
http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_201

Cheers,

--
Mickaël Rémond
http://www.process-one.net/

Written by Voip Phreak · Filed Under Jabber, News

New release of Thirdlane PBX and Thirdlane PBX Manager GUI

May 21, 2008

Third Lane Technologies is proud to announce the release of version 6.0 of Thirdlane PBX software appliance and Thirdlane PBX Manager GUI – the open GUI for Asterisk management.

Both SMB and multi-tenant (MTE) versions have a lot of new features, enhancements and fixes - please visit our website, register, get a free download at http://www.thirdlane.com/product/download and give it a shot!

Full press release is here http://www.thirdlane.com/news, for those interested in the detailed change log it is posted in the forum http://www.thirdlane.com/forum/thirdlane-pbx-6-0-57-is-available

Thanks to all our customers and partners for valuable suggestions and contributions!

Alex