[Enswitch-announce] Important security update for Enswitch 3.9 and later
Alistair Cunningham
acunningham at integrics.com
Fri Dec 18 21:36:21 UTC 2015
All,
We have discovered a billing/security issue with telephones that
redirect calls using a call forward on the handset itself using SIP 302.
Calls forwarded using this method to a chargeable destination will not
be properly priced by enswitch_calld and therefore not cut off when the
customer reaches their credit limit. These calls will also not have
their daily spending record updated correctly, and customers may go over
their daily spending limit.
This issue applies to Enswitch 3.9 and higher, and a bug fix is
available in subversion. We recommend updating to the latest fixes,
updating and testing on a test server first if possible. Please open a
support ticket if you need any further assistance.
Update all servers in the cluster to the latest fixes:
cd /opt/enswitch/current
svn up
enswitch restart
If using Enswitch 3.12 or lower, you must then manually add an index to
the cdrs table:
enswitch sql "alter table cdrs add index ( bridged_callid )"
and set System -> Configuration -> "Bridged callid has index" to yes.
--
Alistair Cunningham
+1 888 468 3111
+44 20 799 39 799
http://integrics.com/
More information about the Enswitch-announce
mailing list