T.38 asterisk 1.6.1.12 Remote Crash Vulnerability

Advisory Content :

Asterisk Project Security Advisory - AST-2010-001

+-----------------------------------------------------------------------
-+
| Product | Asterisk
|

|----------------------+------------------------------------------------
-|
| Summary | T.38 Remote Crash Vulnerability
|

|----------------------+------------------------------------------------
-|
| Nature of Advisory | Denial of Service
|

|----------------------+------------------------------------------------
-|
| Susceptibility | Remote unauthenticated sessions
|

|----------------------+------------------------------------------------
-|
| Severity | Critical
|

|----------------------+------------------------------------------------
-|
| Exploits Known | No
|

|----------------------+------------------------------------------------
-|
| Reported On | 12/03/09
|

|----------------------+------------------------------------------------
-|
| Reported By | issues.asterisk.org users bklang and elsto
|

|----------------------+------------------------------------------------
-|
| Posted On | 02/03/10
|

|----------------------+------------------------------------------------
-|
| Last Updated On | February 2, 2010
|

|----------------------+------------------------------------------------
-|
| Advisory Contact | David Vossel < dvossel AT digium DOT com >
|

|----------------------+------------------------------------------------
-|
| CVE Name | CVE-2010-0441
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
-+
| Description | An attacker attempting to negotiate T.38 over SIP can
|
| | remotely crash Asterisk by modifying the FaxMaxDatagram
|
| | field of the SDP to contain either a negative or
|
| | exceptionally large value. The same crash occurs when
|
| | the FaxMaxDatagram field is omitted from the SDP as
|
| | well.
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
-+
| Resolution | Upgrade to one of the versions of Asterisk listed in the
|
| | "Corrected In" section, or apply a patch specified in the
|
| | "Patches" section.
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
-+
| Affected Versions
|

|-----------------------------------------------------------------------
-|
| Product | Release Series |
|

|----------------------------------+----------------+-------------------
-|
| Asterisk Open Source | 1.6.x | All versions
|

|----------------------------------+----------------+-------------------
-|
| Asterisk Business Edition | C.3 | All versions
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
-+
| Corrected In
|

|-----------------------------------------------------------------------
-|
| Product | Release
|

|------------------------------------------+----------------------------
-|
| Asterisk Open Source | 1.6.0.22
|

|------------------------------------------+----------------------------
-|
| Asterisk Open Source | 1.6.1.14
|

|------------------------------------------+----------------------------
-|
| Asterisk Open Source | 1.6.2.2
|

|------------------------------------------+----------------------------
-|
| | C.3.3.2
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
--+
| Patches
|

|-----------------------------------------------------------------------
--|
| SVN URL
|Branch|

|------------------------------------------------------------------+----
--|

|http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff|v1.6
.0|

|------------------------------------------------------------------+----
--|

|http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff|v1.6
.1|

|------------------------------------------------------------------+----
--|

|http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff|v1.6
.2|

+-----------------------------------------------------------------------
--+

+-----------------------------------------------------------------------
-+
| Links | https://issues.asterisk.org/view.php?id=16634
|
| |
|
| | https://issues.asterisk.org/view.php?id=16724
|
| |
|
| | https://issues.asterisk.org/view.php?id=16517
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
-+
| Asterisk Project Security Advisories are posted at
|
| http://www.asterisk.org/security
|
|
|
| This document may be superseded by later versions; if so, the latest
|
| version will be posted at
|
| http://downloads.digium.com/pub/security/.pdf and
|
| http://downloads.digium.com/pub/security/.html
|

+-----------------------------------------------------------------------
-+

+-----------------------------------------------------------------------
-+
| Revision History
|

|-----------------------------------------------------------------------
-|
| Date | Editor | Revisions Made
|

|----------------+----------------------+-------------------------------
-|
| 02/02/10 | David Vossel | Initial release
|

+-----------------------------------------------------------------------
-+

Asterisk Project Security Advisory - AST-2010-001
Copyright (c) 2010 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in
its
original, unaltered form.

Security

IT News

Search

SecurityAlert Database

About SecurityAlert

ExploitAlert Database

SecurityReason Research

WLB Database

Send to WLB

About WLB

Security Audit

Schedule

Prices of services

Contact

SecurityReason IT News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

Contact

About SecurityReason

T.38 asterisk 1.6.1.12 Remote Crash Vulnerability