AST-2009-004: Remote Crash Vulnerability in RTP stack

2009-08-03T00:00:00
ID SECURITYVULNS:DOC:22247
Type securityvulns
Reporter Securityvulns
Modified 2009-08-03T00:00:00

Description

           Asterisk Project Security Advisory - AST-2009-004

+------------------------------------------------------------------------+
| Product              | Asterisk                                        |
|----------------------+-------------------------------------------------|
| Summary              | Remote Crash Vulnerability in RTP stack         |
|----------------------+-------------------------------------------------|
| Nature of Advisory   | Exploitable Crash                               |
|----------------------+-------------------------------------------------|
| Susceptibility       | Remote unauthenticated sessions                 |
|----------------------+-------------------------------------------------|
| Severity             | Critical                                        |
|----------------------+-------------------------------------------------|
| Exploits Known       | No                                              |
|----------------------+-------------------------------------------------|
| Reported On          | July 27, 2009                                   |
|----------------------+-------------------------------------------------|
| Reported By          | Marcus Hunger <hunger AT sipgate DOT de>        |
|----------------------+-------------------------------------------------|
| Posted On            | August 2, 2009                                  |
|----------------------+-------------------------------------------------|
| Last Updated On      | August 2, 2009                                  |
|----------------------+-------------------------------------------------|
| Advisory Contact     | Mark Michelson <mmichelson AT digium DOT com>   |
|----------------------+-------------------------------------------------|
| CVE Name             |                                                 |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Description | An attacker can cause Asterisk to crash remotely by      |
|             | sending malformed RTP text frames. While the attacker    |
|             | can cause Asterisk to crash, he cannot execute arbitrary |
|             | remote code with this exploit.                           |
+------------------------------------------------------------------------+
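The description above attributes the crash to malformed RTP text frames but does not say which header field or length check was at fault; the actual fix is only available through the patch linked below. As an added example, not taken from the advisory or from the Asterisk source, the following C parser shows the defensive bounds checking an RTP receiver needs before it trusts any length-bearing field of the RFC 3550 fixed header (CSRC count, header-extension length, padding count): each such field is validated against the bytes actually received, and a packet that claims more than it carries is rejected instead of being read past its end. The sample packets, the dynamic payload type 98 and the error codes are constructed for this example; the layout follows RFC 3550 section 5.1 and this is not the Asterisk RTP stack's code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Parsed view of one RTP packet (RFC 3550 section 5.1). The payload
 * pointer refers into the caller's buffer; nothing is copied. */
struct rtp_packet {
    uint8_t  version, padding, extension, csrc_count, marker, payload_type;
    uint16_t seq;
    uint32_t timestamp, ssrc;
    const uint8_t *payload;
    size_t payload_len;
};

enum rtp_err {               /* constructed error codes for this example */
    RTP_OK          =  0,
    RTP_ERR_SHORT   = -1,    /* shorter than the 12-byte fixed header */
    RTP_ERR_VERSION = -2,    /* version field is not 2 */
    RTP_ERR_CSRC    = -3,    /* CSRC list runs past the end of the buffer */
    RTP_ERR_EXT     = -4,    /* header extension runs past the end of the buffer */
    RTP_ERR_PAD     = -5     /* padding count is zero or exceeds the payload */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Parse buf[0..len) as an RTP packet. Every variable-length region is
 * checked against the remaining bytes BEFORE the offset advances. */
int rtp_parse(const uint8_t *buf, size_t len, struct rtp_packet *out)
{
    size_t off = 12;                         /* fixed header size */
    if (len < off) return RTP_ERR_SHORT;
    memset(out, 0, sizeof *out);
    out->version      = buf[0] >> 6;
    if (out->version != 2) return RTP_ERR_VERSION;
    out->padding      = (buf[0] >> 5) & 1;
    out->extension    = (buf[0] >> 4) & 1;
    out->csrc_count   = buf[0] & 0x0f;
    out->marker       = buf[1] >> 7;
    out->payload_type = buf[1] & 0x7f;
    out->seq          = rd16(buf + 2);
    out->timestamp    = rd32(buf + 4);
    out->ssrc         = rd32(buf + 8);

    /* CSRC list: csrc_count 32-bit identifiers, taken from an attacker-controlled nibble. */
    size_t csrc_bytes = (size_t)out->csrc_count * 4;
    if (len - off < csrc_bytes) return RTP_ERR_CSRC;
    off += csrc_bytes;

    if (out->extension) {
        /* 4-byte extension header: 16-bit profile, 16-bit length in 32-bit words. */
        if (len - off < 4) return RTP_ERR_EXT;
        size_t ext_words = rd16(buf + off + 2);
        off += 4;
        if (len - off < ext_words * 4) return RTP_ERR_EXT;
        off += ext_words * 4;
    }

    size_t payload_len = len - off;
    if (out->padding) {
        /* Last octet holds the pad count, which includes itself, so it must be 1..payload_len. */
        if (payload_len == 0) return RTP_ERR_PAD;
        size_t pad = buf[len - 1];
        if (pad == 0 || pad > payload_len) return RTP_ERR_PAD;
        payload_len -= pad;
    }
    out->payload = buf + off;
    out->payload_len = payload_len;
    return RTP_OK;
}

/* Constructed samples. V=2, PT=98 (a dynamic type, as a text payload would be
 * negotiated in SDP), SSRC 0x11223344; each bad packet lies about one length. */
static const uint8_t good_pkt[]       = { 0x80, 0x62, 0x00, 0x01, 0x00, 0x00, 0x00, 0xa0,
                                          0x11, 0x22, 0x33, 0x44, 'h', 'i' };
static const uint8_t trunc_csrc_pkt[] = { 0x83, 0x62, 0x00, 0x02, 0x00, 0x00, 0x00, 0xa0,
                                          0x11, 0x22, 0x33, 0x44 };          /* CC=3, no CSRCs present */
static const uint8_t bad_ext_pkt[]    = { 0x90, 0x62, 0x00, 0x03, 0x00, 0x00, 0x00, 0xa0,
                                          0x11, 0x22, 0x33, 0x44, 0xbe, 0xde, 0xff, 0xff }; /* X=1, length 0xffff words */
static const uint8_t bad_pad_pkt[]    = { 0xa0, 0x62, 0x00, 0x04, 0x00, 0x00, 0x00, 0xa0,
                                          0x11, 0x22, 0x33, 0x44, 'h', 'i', 0x10 }; /* P=1, pad count 16 > 3 */

int check_packet(const uint8_t *buf, size_t len) { struct rtp_packet p; return rtp_parse(buf, len, &p); }
long payload_len_of(const uint8_t *buf, size_t len) {
    struct rtp_packet p;
    return rtp_parse(buf, len, &p) == RTP_OK ? (long)p.payload_len : -1L;
}

int main(void)
{
    printf("good:        %d (payload %ld bytes)\n", check_packet(good_pkt, sizeof good_pkt),
           payload_len_of(good_pkt, sizeof good_pkt));
    printf("trunc csrc:  %d\n", check_packet(trunc_csrc_pkt, sizeof trunc_csrc_pkt));
    printf("bad ext len: %d\n", check_packet(bad_ext_pkt, sizeof bad_ext_pkt));
    printf("bad padding: %d\n", check_packet(bad_pad_pkt, sizeof bad_pad_pkt));
    return 0;
}
```

The three rejected packets are each well-formed up to one field that claims more bytes than were received; a parser that advances its offset on the field's say-so and only then reads would run off the end of the buffer, which is the general class of defect behind an RTP stack crash on malformed input. Fuzzing a receiver with packets of this shape (short buffers, maximal CSRC count, oversized extension length, pad count larger than the payload) is a cheap regression check for any RTP implementation.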

+------------------------------------------------------------------------+
| Resolution | Users should upgrade to a version listed in the           |
|            | "Corrected In" section below.                             |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
|                           Affected Versions                            |
|------------------------------------------------------------------------|
| Product                       | Release Series |                       |
|-------------------------------+----------------+-----------------------|
| Asterisk Open Source          | 1.2.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Open Source          | 1.4.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Open Source          | 1.6.x          | All 1.6.1 versions    |
|-------------------------------+----------------+-----------------------|
| Asterisk Addons               | 1.2.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Addons               | 1.4.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Addons               | 1.6.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Business Edition     | A.x.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Business Edition     | B.x.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| Asterisk Business Edition     | C.x.x          | Unaffected            |
|-------------------------------+----------------+-----------------------|
| AsteriskNOW                   | 1.5            | Unaffected            |
|-------------------------------+----------------+-----------------------|
| s800i (Asterisk Appliance)    | 1.2.x          | Unaffected            |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
|                              Corrected In                              |
|------------------------------------------------------------------------|
| Product                                     | Release                  |
|---------------------------------------------+--------------------------|
| Open Source Asterisk 1.6.1                  | 1.6.1.2                  |
+------------------------------------------------------------------------+

+----------------------------------------------------------------------------+
|                                  Patches                                   |
|----------------------------------------------------------------------------|
| SVN URL                                                            |Version|
|--------------------------------------------------------------------+-------|
|http://downloads.digium.com/pub/security/AST-2009-004-1.6.1.diff.txt| 1.6.1 |
+----------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Links                                                                  |
|                                                                        |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
| Asterisk Project Security Advisories are posted at                     |
| http://www.asterisk.org/security                                       |
|                                                                        |
| This document may be superseded by later versions; if so, the latest   |
| version will be posted at                                              |
| http://downloads.digium.com/pub/security/AST-2009-004.pdf and          |
| http://downloads.digium.com/pub/security/AST-2009-004.html             |
+------------------------------------------------------------------------+

+------------------------------------------------------------------------+
|                            Revision History                            |
|------------------------------------------------------------------------|
| Date           | Editor          | Revisions Made                      |
|----------------+-----------------+-------------------------------------|
| 27 Jul, 2009   | Mark Michelson  | Initial Draft                       |
|----------------+-----------------+-------------------------------------|
| 31 Jul, 2009   | Mark Michelson  | Added sentence about how remote     |
|                |                 | code cannot be executed.            |
|----------------+-----------------+-------------------------------------|
| August 2, 2009 | Tilghman Lesher | Public release                      |
+------------------------------------------------------------------------+

           Asterisk Project Security Advisory - AST-2009-004
          Copyright (c) 2009 Digium, Inc. All Rights Reserved.

Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.