Asterisk Project Security Advisory - AST-2008-001

    |       Product       | Asterisk                                         |
    |       Summary       | Remote Crash Vulnerability in SIP channel driver |
    | Nature of Advisory  | Denial of Service                                |
    |   Susceptibility    | Remote Unauthenticated Sessions                  |
    |      Severity       | Critical                                         |
    |   Exploits Known    | No                                               |
    |     Reported On     | December 26, 2007                                |
    |     Reported By     | Grey VoIP ( user greyvoip)        |
    |      Posted On      | January 2, 2008                                  |
    |   Last Updated On   | January 2, 2008                                  |
    |  Advisory Contact   | Joshua Colp <[EMAIL PROTECTED]>                   |
    |      CVE Name       |                                                  |

    | Description | The handling of the BYE with Also transfer method was    |
    |             | broken during the development of Asterisk 1.4. If a      |
    |             | transfer attempt is made using this method, the system   |
    |             | crashes immediately while handling the BYE message: the  |
    |             | transfer data structure is never allocated, so the       |
    |             | handler copies the transfer target through a NULL        |
    |             | pointer. Note that a dialog must already have been       |
    |             | established and up for this to happen.                   |

    | Resolution | A fix has been added so that the BYE with Also transfer   |
    |            | method now properly allocates and uses the transfer data  |
    |            | structure. It will no longer try to copy data into a NULL |
    |            | pointer and will operate properly.                        |
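
    The following C model is an added illustration and is not Asterisk
    source (the advisory publishes no code). All identifiers are
    hypothetical, the BYE message is constructed for the example, and the
    header parser is deliberately minimal. It shows the defect class the
    advisory describes, a copy into a transfer structure that was never
    allocated, next to a handler that allocates the structure on first use
    and fails closed, and it models the precondition that the dialog must
    already be established.

```c
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#define REFER_TO_LEN 256

/* Hypothetical per-transfer state; it exists only once a transfer starts. */
struct transfer_state {
    char refer_to[REFER_TO_LEN];
};

/* Hypothetical per-dialog state; transfer stays NULL until first needed. */
struct dialog {
    int established;
    struct transfer_state *transfer;
};

/* Copy the value of header `name` from a CRLF-delimited SIP message into out
 * (NUL-terminated, truncated). Names match case-insensitively. 1 if found. */
static int sip_header_value(const char *msg, const char *name,
                            char *out, size_t outlen)
{
    size_t nlen = strlen(name);
    for (const char *line = msg; *line; ) {
        const char *eol = strstr(line, "\r\n");
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len > nlen && strncasecmp(line, name, nlen) == 0 &&
            line[nlen] == ':') {
            const char *v = line + nlen + 1;
            while (*v == ' ' || *v == '\t')
                v++;
            size_t vlen = (size_t)(line + len - v);
            if (vlen >= outlen)
                vlen = outlen - 1;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return 1;
        }
        if (!eol)
            break;
        line = eol + 2;
    }
    return 0;
}

/* Defective handler, as the advisory describes: the Also target is copied
 * into the transfer structure without checking it was ever allocated. With
 * transfer == NULL this dereferences NULL and the process crashes. */
void handle_bye_also_unsafe(struct dialog *d, const char *also)
{
    strncpy(d->transfer->refer_to, also, REFER_TO_LEN - 1);
    d->transfer->refer_to[REFER_TO_LEN - 1] = '\0';
}

/* Hardened handler, mirroring the fix: allocate the transfer state on first
 * use and fail closed if that is impossible. 0 on success, -1 on failure. */
static int handle_bye_also_safe(struct dialog *d, const char *also)
{
    if (!d->transfer) {
        d->transfer = calloc(1, sizeof(*d->transfer));
        if (!d->transfer)
            return -1;
    }
    strncpy(d->transfer->refer_to, also, REFER_TO_LEN - 1);
    d->transfer->refer_to[REFER_TO_LEN - 1] = '\0';
    return 0;
}

/* Handle one BYE: 1 if an Also transfer target was recorded, 0 for a plain
 * BYE, -1 if the dialog is not established or state could not be set up. */
static int process_bye(struct dialog *d, const char *msg)
{
    char also[REFER_TO_LEN];
    if (!d->established)
        return -1;
    if (!sip_header_value(msg, "Also", also, sizeof also))
        return 0;
    return handle_bye_also_safe(d, also) == 0 ? 1 : -1;
}

/* Constructed sample (not captured traffic): an in-dialog BYE with Also. */
static const char SAMPLE_BYE_ALSO[] =
    "BYE sip:bob@192.0.2.10 SIP/2.0\r\n"
    "Call-ID: a84b4c76e66710@192.0.2.20\r\n"
    "CSeq: 231 BYE\r\n"
    "Also: <sip:carol@192.0.2.30>\r\n"
    "Content-Length: 0\r\n"
    "\r\n";

/* Process msg on a fresh dialog, free any state, and return process_bye's
 * result; if expect is given and the recorded target differs, return -2. */
static int run_bye(const char *msg, int established, const char *expect)
{
    struct dialog d = { established, NULL };
    int rc = process_bye(&d, msg);
    if (rc == 1 && expect && strcmp(d.transfer->refer_to, expect) != 0)
        rc = -2;
    free(d.transfer);
    return rc;
}
```

    Calling handle_bye_also_unsafe() on a fresh dialog reproduces the crash
    the advisory describes; run_bye() exercises only the hardened path, on
    an established dialog, on a plain BYE, and on a dialog that is not yet
    established.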

    |                           Affected Versions                            |
    |          Product           |   Release   |                             |
    |                            |   Series    |                             |
    |    Asterisk Open Source    |    1.0.x    | Unaffected                  |
    |    Asterisk Open Source    |    1.2.x    | Unaffected                  |
    |    Asterisk Open Source    |    1.4.x    | All versions prior to       |
    |                            |             | 1.4.17                      |
    | Asterisk Business Edition  |    A.x.x    | Unaffected                  |
    | Asterisk Business Edition  |    B.x.x    | Unaffected                  |
    | Asterisk Business Edition  |    C.x.x    | All versions prior to       |
    |                            |             | C.1.0-beta8                 |
    |        AsteriskNOW         | pre-release | All versions prior to beta7 |
    |     Asterisk Appliance     |     SVN     | All versions prior to       |
    |       Developer Kit        |             | Asterisk 1.4 revision 95946 |
    | s800i (Asterisk Appliance) |    1.0.x    | All versions prior to       |
    |                            |             |                     |

    |                              Corrected In                              |
    |    Product    |                        Release                         |
    | Asterisk Open |                 1.4.17, available from                 |
    |    Source     |   |
    |   Asterisk    |                         C.1.0                          |
    |   Business    |                                                        |
    |    Edition    |                                                        |
    |  AsteriskNOW  |   Beta7, available from   |
    |               |                                                        |
    |               |   Beta5 and Beta6 users can update using the system    |
    |               |     update feature in the appliance control panel.     |
    |   Asterisk    |  Asterisk 1.4 revision 95946. Available by performing  |
    |   Appliance   |            an svn update of the AADK tree.             |
    | Developer Kit |                                                        |
    |     s800i     |                                       |
    |   (Asterisk   |                                                        |
    |  Appliance)   |                                                        |

    |      Links       |            |

    | Asterisk Project Security Advisories are posted at                     |
    |                                       |
    |                                                                        |
    | This document may be superseded by later versions; if so, the latest   |
    | version will be posted at                                              |
    | and          |
    |             |

    |                            Revision History                            |
    |       Date       |       Editor       |         Revisions Made         |
    | 2008-01-02       | Joshua Colp        | Initial Release                |

               Copyright (c) 2007 Digium, Inc. All Rights Reserved.
   Permission is hereby granted to distribute and publish this advisory in its
                            original, unaltered form.
