Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ASA-2007-011: Multiple problems in SIP channel parser handling response

from [Kevin P. Fleming] Network Security [Permanent Link]
Subject: ASA-2007-011: Multiple problems in SIP channel parser handling response codes
Date: Wed, 25 Apr 2007 14:04:20 -0500 
               Asterisk Project Security Advisory - ASA-2007-011

   +------------------------------------------------------------------------+
   |      Product       | Asterisk                                          |
   |--------------------+---------------------------------------------------|
   |      Summary       | Multiple problems in SIP channel parser handling  |
   |                    | response codes                                    |
   |--------------------+---------------------------------------------------|
   | Nature of Advisory | Denial of Service                                 |
   |--------------------+---------------------------------------------------|
   |   Susceptibility   | Remote Unauthenticated Sessions                   |
   |--------------------+---------------------------------------------------|
   |      Severity      | Critical                                          |
   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |    Reported On     | March 20, 2007                                    |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Mantis user ID 'qwerty1979'                       |
   |--------------------+---------------------------------------------------|
   |     Posted On      | April 24, 2007                                    |
   |--------------------+---------------------------------------------------|
   |  Last Updated On   | April 24, 2007                                    |
   |--------------------+---------------------------------------------------|
   |  Advisory Contact  | kpfleming@digium.com                              |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | Multiple problems have been identified in the Asterisk   |
   |             | SIP channel driver (chan_sip) when handling response     |
   |             | packets from other SIP endpoints.                        |
   |             |                                                          |
   |             | If the response packets did not contain a valid response |
   |             | code in the first line of the UDP packet, the Asterisk   |
   |             | SIP channel driver would fail to parse the packet        |
   |             | properly and would cause the Asterisk process to die     |
   |             | with a segmentation fault. This results in all active    |
   |             | calls and other sessions being lost.                     |
   |             |                                                          |
   |             | More details about these issues can be found at          |
   |             | http://bugs.digium.com/view.php?id=9313.                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | All users are urged to upgrade to the appropriate version |
   |            | of their Asterisk product listed in the 'Corrected In'    |
   |            | section below.                                            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |          Product          |   Release   |                              |
   |                           |   Series    |                              |
   |---------------------------+-------------+------------------------------|
   |   Asterisk Open Source    |    1.0.x    | has not been evaluated as    |
   |                           |             | this release series is no    |
   |                           |             | longer maintained            |
   |---------------------------+-------------+------------------------------|
   |   Asterisk Open Source    |    1.2.x    | all releases prior to 1.2.18 |
   |---------------------------+-------------+------------------------------|
   |   Asterisk Open Source    |    1.4.x    | all releases prior to 1.4.3  |
   |---------------------------+-------------+------------------------------|
   | Asterisk Business Edition |    A.x.x    | all releases                 |
   |---------------------------+-------------+------------------------------|
   | Asterisk Business Edition |    B.x.x    | all releases prior to and    |
   |                           |             | including B.1.3.2            |
   |---------------------------+-------------+------------------------------|
   |        AsteriskNOW        | pre-release | all releases prior to and    |
   |                           |             | including Beta 5             |
   |---------------------------+-------------+------------------------------|
   |    Asterisk Appliance     |    0.x.x    | all releases prior to 0.4.0  |
   |       Developer Kit       |             |                              |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |      Product       |                      Release                      |
   |--------------------+---------------------------------------------------|
   |   Asterisk Open    |         1.2.18 and 1.4.3, available from          |
   |       Source       |    ftp://ftp.digium.com/pub/telephony/asterisk    |
   |--------------------+---------------------------------------------------|
   | Asterisk Business  |   B.1.3.3, available from the Asterisk Business   |
   |      Edition       |  Edition user portal on http://www.digium.com or  |
   |                    |           via Digium Technical Support            |
   |--------------------+---------------------------------------------------|
   |    AsteriskNOW     |            Beta 6, when available from            |
   |                    | http://www.asterisknow.org, Beta 5 users can use  |
   |                    |   use 'System Update' in the appliance control    |
   |                    |   panel to update their version of AsteriskNOW    |
   |--------------------+---------------------------------------------------|
   | Asterisk Appliance |               0.4.0, available from               |
   |   Developer Kit    |      ftp://ftp.digium.com/pub/telephony/aadk      |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |       Links       | http://bugs.digium.com/view.php?id=9313            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security.                                      |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://www.asterisk.org/files/ASA-2007-011.pdf.                        |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - ASA-2007-011
              Copyright (c) 2007 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • ASA-2007-011: Multiple problems in SIP channel parser handling response codes, Kevin P. Fleming <=
Previous by Date:  nucleus 3.22 >> RFI, alijsb
Next by Date:  download engine V1.4.1 >> RFI (local), alijsb
Previous by Thread:  nucleus 3.22 >> RFI, alijsb
Next by Thread:  download engine V1.4.1 >> RFI (local), alijsb
Indexes:  [Date] [Thread] [Top] [All Lists]