SecurityReason.com - Our Reason is Security


Topic : Information leak in IAX2 authentication

SecurityAlert : 4910
CVE : CVE-2009-0041
CWE : CWE-200
SecurityRisk : Medium
Remote Exploit : Yes
Local Exploit : No
Victim interaction required : No
Exploit Available : No
Credit : Asterisk
Published : 16.01.2009

Affected Software :
asterisk:open_source:1.2.12
asterisk:open_source:1.2.12.1
asterisk:open_source:1.2.0
asterisk:open_source:1.2.1
asterisk:open_source:1.2.11:netsec
asterisk:open_source:1.2.10:netsec
asterisk:open_source:1.2.12.1:netsec
asterisk:open_source:1.2.12:netsec
asterisk:open_source:1.2.14:netsec
asterisk:open_source:1.2.13:netsec
asterisk:open_source:1.2.0:rc1
asterisk:open_source:1.2.0:rc2
asterisk:open_source:1.2.0:beta1
asterisk:open_source:1.2.0:beta2
asterisk:open_source:1.2.14
asterisk:open_source:1.2.13
asterisk:open_source:1.2.11
asterisk:open_source:1.2.10
asterisk:open_source:1.2.0beta2
asterisk:open_source:1.2.0beta1
asterisk:open_source:1.2.21.1
asterisk:open_source:1.2.2
asterisk:open_source:1.2.20
asterisk:open_source:1.2.16:netsec
asterisk:open_source:1.2.15:netsec
asterisk:open_source:1.2.19:netsec
asterisk:open_source:1.2.17:netsec
asterisk:open_source:1.2.20:netsec
asterisk:open_source:1.2.2:netsec
asterisk:open_source:1.2.21.1:netsec
asterisk:open_source:1.2.21:netsec
asterisk:open_source:1.2.18:netsec
asterisk:open_source:1.2.22
asterisk:open_source:1.2.19
asterisk:open_source:1.2.21
asterisk:open_source:1.2.18
asterisk:open_source:1.2.17
asterisk:open_source:1.2.22:netsec
asterisk:open_source:1.2.16
asterisk:open_source:1.2.15
asterisk:open_source:1.2.26.1
asterisk:open_source:1.2.26.2
asterisk:open_source:1.2.3
asterisk:open_source:1.2.28
asterisk:open_source:1.2.30.3
asterisk:open_source:1.2.30.2
asterisk:open_source:1.2.30
asterisk:open_source:1.2.27
asterisk:open_source:1.2.26
asterisk:open_source:1.2.29
asterisk:open_source:1.2.24
asterisk:open_source:1.2.25
asterisk:open_source:1.2.3:netsec
asterisk:open_source:1.2.23
asterisk:open_source:1.2.26.2:netsec
asterisk:open_source:1.2.26.1:netsec
asterisk:open_source:1.2.26:netsec
asterisk:open_source:1.2.25:netsec
asterisk:open_source:1.2.24:netsec
asterisk:open_source:1.2.23:netsec
asterisk:open_source:1.2.30.4 and previous versions
asterisk:open_source:1.4.16
asterisk:open_source:1.4.18.1
asterisk:open_source:1.4.17
asterisk:open_source:1.4.0
asterisk:open_source:1.4.19
asterisk:open_source:1.4.10.1
asterisk:open_source:1.4.12.1
asterisk:open_source:1.4.16.1
asterisk:open_source:1.4.16.2
asterisk:open_source:1.4.15
asterisk:open_source:1.4.14
asterisk:open_source:1.4.13
asterisk:open_source:1.4.12
asterisk:open_source:1.4.18
asterisk:open_source:1.4.11
asterisk:open_source:1.4.0:beta4
asterisk:open_source:1.4.10
asterisk:open_source:1.4.0:beta3
asterisk:open_source:1.4.0:beta2
asterisk:open_source:1.4.1
asterisk:open_source:1.4.19.1
asterisk:open_source:1.4.19:rc2
asterisk:open_source:1.4.7.1
asterisk:open_source:1.4_revision_95946
asterisk:open_source:1.4.9
asterisk:open_source:1.4.19:rc4
asterisk:open_source:1.4.8
asterisk:open_source:1.4.7
asterisk:open_source:1.4.19:rc3
asterisk:open_source:1.4.5
asterisk:open_source:1.4.19:rc1
asterisk:open_source:1.4.6
asterisk:open_source:1.4.3
asterisk:open_source:1.4.4
asterisk:open_source:1.4.2
asterisk:open_source:1.4beta
asterisk:open_source:1.4.19.2
asterisk:open_source:1.4.20
asterisk:open_source:1.4.20:rc1
asterisk:open_source:1.4.20:rc2
asterisk:open_source:1.4.20:rc3
asterisk:open_source:1.4.21
asterisk:open_source:1.4.21:rc1
asterisk:open_source:1.4.21:rc2
asterisk:open_source:1.4.21.1
asterisk:open_source:1.4.21.2
asterisk:open_source:1.4.22
asterisk:open_source:1.4.22:rc3
asterisk:open_source:1.4.22:rc4
asterisk:open_source:1.4.22.1
asterisk:open_source:1.4.22.2
asterisk:open_source:1.4.23
asterisk:open_source:1.4.23:rc1
asterisk:open_source:1.4.23:rc2
asterisk:open_source:1.4.23:rc3 and previous versions
asterisk:open_source:1.6.0:beta7
asterisk:open_source:1.6.0:beta7.1
asterisk:open_source:1.6.0:beta8
asterisk:open_source:1.6.0:beta9
asterisk:open_source:1.6.0:rc4
asterisk:open_source:1.6.0:rc5
asterisk:open_source:1.6.0:rc6
asterisk:open_source:1.6.0.1
asterisk:open_source:1.6.0.2
asterisk:open_source:1.6.0.3
asterisk:open_source:1.6.0.3:rc1 and previous versions
asterisk:open_source:1.6.0:beta1
asterisk:open_source:1.6.0:beta2
asterisk:open_source:1.6.0:beta3
asterisk:open_source:1.6.0:beta4
asterisk:open_source:1.6.0:beta5
asterisk:asterisk_business_edition:a
asterisk:asterisk_business_edition:b.2.3.5
asterisk:asterisk_business_edition:b.2.5.1
asterisk:asterisk_business_edition:b.2.5.3
asterisk:asterisk_business_edition:b.2.3.6
asterisk:asterisk_business_edition:b.2.5.0
asterisk:asterisk_business_edition:b.2.3.2
asterisk:asterisk_business_edition:b.2.3.3
asterisk:asterisk_business_edition:b.2.3.4
asterisk:asterisk_business_edition:b.1.3.3
asterisk:asterisk_business_edition:b.2.2.0
asterisk:asterisk_business_edition:b.2.2.1
asterisk:asterisk_business_edition:b.2.3.1
asterisk:asterisk_business_edition:b.1.3.2
asterisk:asterisk_business_edition:b.2.5.2 and previous versions
asterisk:asterisk_business_edition:c.1.0:beta7
asterisk:asterisk_business_edition:c.1.0:beta8 and previous versions



Advisory Content :

Asterisk Project Security Advisory - AST-2009-001

+------------------------------------------------------------------------+
| Product              | Asterisk                                        |
|----------------------+-------------------------------------------------|
| Summary              | Information leak in IAX2 authentication         |
|----------------------+-------------------------------------------------|
| Nature of Advisory   | Unauthorized data disclosure                    |
|----------------------+-------------------------------------------------|
| Susceptibility       | Remote Unauthenticated Sessions                 |
|----------------------+-------------------------------------------------|
| Severity             | Minor                                           |
|----------------------+-------------------------------------------------|
| Exploits Known       | Yes                                             |
|----------------------+-------------------------------------------------|
| Reported On          | October 15, 2008                                |
|----------------------+-------------------------------------------------|
| Reported By          | http://www.unprotectedhex.com                   |
|----------------------+-------------------------------------------------|
| Posted On            | January 7, 2009                                 |
|----------------------+-------------------------------------------------|
| Last Updated On      | January 7, 2009                                 |
|----------------------+-------------------------------------------------|
| Advisory Contact     | Tilghman Lesher < tlesher AT digium DOT com >   |
|----------------------+-------------------------------------------------|
| CVE Name             | CVE-2009-0041                                   |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Description | IAX2 provides a different response during authentication |
|             | when a user does not exist, as compared to when the      |
|             | password is merely wrong. This allows an attacker to     |
|             | scan a host to find specific users on which to           |
|             | concentrate password cracking attempts.                  |
|             |                                                          |
|             | The workaround involves sending back responses that are  |
|             | valid for that particular site. For example, if it were  |
|             | known that a site only uses RSA authentication, then     |
|             | sending back an MD5 authentication request would         |
|             | similarly identify the user as not existing. The         |
|             | opposite is also true. So the solution is always to send |
|             | back an authentication response that corresponds to a    |
|             | known frequency with which real authentication responses |
|             | are returned, when the user does not exist. This makes   |
|             | it very difficult for an attacker to guess whether a     |
|             | user exists or not, based upon this particular           |
|             | mechanism.                                               |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Resolution | Upgrade to revision 167259 of the 1.2 branch or 167260 of |
|            | the 1.4 branch or one of the releases noted below.        |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Affected Versions                                                      |
|------------------------------------------------------------------------|
| Product                    | Release |                                 |
|                            | Series  |                                 |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source       | 1.2.x   | All versions prior to 1.2.31    |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source       | 1.4.x   | All versions prior to           |
|                            |         | 1.4.23-rc4                      |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source       | 1.6.x   | All versions prior to           |
|                            |         | 1.6.0.3-rc2                     |
|----------------------------+---------+---------------------------------|
| Asterisk Addons            | 1.2.x   | Not affected                    |
|----------------------------+---------+---------------------------------|
| Asterisk Addons            | 1.4.x   | Not affected                    |
|----------------------------+---------+---------------------------------|
| Asterisk Addons            | 1.6.x   | Not affected                    |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition  | A.x.x   | All versions                    |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition  | B.x.x   | All versions prior to B.2.5.7   |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition  | C.1.x.x | All versions prior to C.1.10.4  |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition  | C.2.x.x | All versions prior to C.2.1.2.1 |
|----------------------------+---------+---------------------------------|
| AsteriskNOW                | 1.5     | Not affected                    |
|----------------------------+---------+---------------------------------|
| s800i (Asterisk Appliance) | 1.2.x   | All versions prior to 1.3.0     |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Corrected In                                                           |
|------------------------------------------------------------------------|
| Product                                    | Release                   |
|--------------------------------------------+---------------------------|
| Asterisk Open Source                       | 1.2.31                    |
|--------------------------------------------+---------------------------|
| Asterisk Open Source                       | 1.4.22.1                  |
|--------------------------------------------+---------------------------|
| Asterisk Open Source                       | 1.6.0.3                   |
|--------------------------------------------+---------------------------|
| Asterisk Business Edition                  | B.2.5.7                   |
|--------------------------------------------+---------------------------|
| Asterisk Business Edition                  | C.1.10.4                  |
|--------------------------------------------+---------------------------|
| Asterisk Business Edition                  | C.2.1.2.1                 |
|--------------------------------------------+---------------------------|
| s800i (Asterisk Appliance)                 | 1.3.0                     |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Patches                                                                |
|------------------------------------------------------------------------|
| URL                                                             |Branch|
|-----------------------------------------------------------------+------|
|http://downloads.digium.com/pub/security/AST-2009-001-1.2.diff   |1.2   |
|-----------------------------------------------------------------+------|
|http://downloads.digium.com/pub/security/AST-2009-001-1.4.diff   |1.4   |
|-----------------------------------------------------------------+------|
|http://downloads.digium.com/pub/security/AST-2009-001-1.6.0.diff |1.6.0 |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Links | http://code.google.com/p/iaxscan/                              |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Asterisk Project Security Advisories are posted at                     |
| http://www.asterisk.org/security                                       |
|                                                                        |
| This document may be superseded by later versions; if so, the latest   |
| version will be posted at                                              |
| http://downloads.digium.com/pub/security/AST-2009-001.pdf and          |
| http://downloads.digium.com/pub/security/AST-2009-001.html             |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Revision History                                                       |
|------------------------------------------------------------------------|
| Date            | Editor                 | Revisions Made              |
|-----------------+------------------------+-----------------------------|
| 2009-01-07      | Tilghman Lesher        | Initial release             |
+------------------------------------------------------------------------+

Asterisk Project Security Advisory - AST-2009-001
Copyright (c) 2009 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
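The description above boils down to a server-side rule: a request for a user that does not exist must be answered with the same kind of authentication request a real user at that site would receive, so that the response kind no longer says whether the user exists. The following is an added example, not code from the Asterisk project or from this advisory. It models the pre-fix and post-fix behaviour in Python rather than speaking the IAX2 wire protocol: the message kinds are named after the advisory's wording (an AUTHREQ naming MD5 or RSA, or a REJECT), while the peer table, SERVER_KEY, the HMAC-based method selection and every function name are assumptions of the example.

```python
"""Model of the IAX2 user-enumeration leak from AST-2009-001 (CVE-2009-0041)
and of a response policy in the spirit of the advisory's workaround.

Added example, not Asterisk/Digium code. Message kinds follow the advisory's
prose (an AUTHREQ naming MD5 or RSA, or a REJECT); the peer table, the
HMAC-based method choice, the constant names and the helper functions are
this example's own assumptions.
"""
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed peer table for a hypothetical site: peer name -> auth method.
# A real iax.conf would also hold secrets or RSA key names; they are not
# needed to model which *kind* of response the server sends.
PEERS = {"alice": "md5", "bob": "md5", "carol": "rsa"}

# Constructed key that keeps fake responses stable across restarts; a real
# deployment would generate it at install time and keep it out of the source.
SERVER_KEY = b"example-only-server-key"


def site_method_frequency(peers):
    """Share of each auth method among real peers: the 'known frequency'
    the advisory says responses for nonexistent users should follow.
    With no peers at all we assume MD5 only (an example-level default)."""
    if not peers:
        return {"md5": 1.0}
    counts = Counter(peers.values())
    total = sum(counts.values())
    return {m: counts[m] / total for m in sorted(counts)}


def vulnerable_respond(username, peers=PEERS):
    """Pre-fix behaviour as described in the advisory: an unknown user is
    answered with REJECT, a known user with an AUTHREQ for that user's
    real method. The response kind alone reveals whether the user exists."""
    if username not in peers:
        return {"type": "REJECT"}
    return {"type": "AUTHREQ", "method": peers[username],
            "challenge": secrets.token_hex(8)}


def _method_for_point(point, freq):
    """Map a point in [0, 1) onto a method according to the frequency table."""
    cumulative = 0.0
    last = None
    for method, share in freq.items():
        cumulative += share
        last = method
        if point < cumulative:
            return method
    return last  # guards against float rounding at the top of the range


def fixed_respond(username, peers=PEERS, server_key=SERVER_KEY):
    """Post-fix policy: every user, real or not, gets an AUTHREQ. For an
    unknown user the method is derived from an HMAC of the username so that
    (a) repeated probes of the same name get the same answer and (b) across
    many names the MD5/RSA mix matches the site's real frequency."""
    if username in peers:
        method = peers[username]
    else:
        digest = hmac.new(server_key, username.encode(), hashlib.sha256).digest()
        point = int.from_bytes(digest[:8], "big") / 2 ** 64
        method = _method_for_point(point, site_method_frequency(peers))
    return {"type": "AUTHREQ", "method": method,
            "challenge": secrets.token_hex(8)}


def leaks_existence(respond, known, unknown):
    """Server-side regression check: does the response *kind* differ between
    real and nonexistent users? True means the enumeration channel is open."""
    kinds_known = {respond(u)["type"] for u in known}
    kinds_unknown = {respond(u)["type"] for u in unknown}
    return kinds_known != kinds_unknown


def fake_method_mix(respond, n=1000):
    """Fraction of AUTHREQs for n constructed nonexistent usernames that
    name MD5; for a good policy it tracks site_method_frequency()['md5']."""
    fakes = [f"probe{i}" for i in range(n)]
    md5 = sum(1 for u in fakes if respond(u)["method"] == "md5")
    return md5 / n


if __name__ == "__main__":
    unknown = ["mallory", "zed"]
    print("vulnerable leaks existence:", leaks_existence(vulnerable_respond, list(PEERS), unknown))
    print("fixed leaks existence:     ", leaks_existence(fixed_respond, list(PEERS), unknown))
    print("site md5 share:            ", round(site_method_frequency(PEERS)["md5"], 3))
    print("fake md5 share:            ", fake_method_mix(fixed_respond))
```

Deriving the fake method from an HMAC of the username, rather than drawing it at random on each request, is the point worth noting: a policy that answered the same unknown name with MD5 one time and RSA the next would itself distinguish fake users from real ones, whose method never changes. This closes only the channel the advisory describes; response timing and any difference in the challenge format would have to be checked separately.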



References :

http://www.securityfocus.com/bid/33174
http://www.securityfocus.com/archive/1/archive/1/499884/100/0/threaded




Copyright © SecurityReason.com. All Rights Reserved.