SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (VoIP)  >   Asterisk Vendors:   Digium (Linux Support Services)
Asterisk SIP ACK With SDP Processing Error Lets Remote Users Deny Service
SecurityTracker Alert ID:  1028956
SecurityTracker URL:  http://securitytracker.com/id/1028956
CVE Reference:   CVE-2013-5641   (Links to External Site)
Updated:  Sep 13 2013
Original Entry Date:  Aug 28 2013
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.8.x, 11.x
Description:   A vulnerability was reported in Asterisk. A remote user can cause denial of service conditions.

A remote user can send a SIP ACK with SDP that is received after the channel has been terminated to cause the target service to crash.

The vendor was notified on February 11, 2013.

Colin Cuthbertson reported this vulnerability.

Impact:   A remote user can cause the target system to crash.
Solution:   The vendor has issued a fix (1.8.23.1, 11.5.1; 1.8.15-cert3, 11.2-cert2).

The vendor's advisory is available at:

http://downloads.digium.com/pub/security/AST-2013-004.html

Vendor URL:  downloads.digium.com/pub/security/AST-2013-004.html (Links to External Site)
Cause:   State error
Underlying OS:   Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Date:  Tue, 27 Aug 2013 19:26:07 -0500
Subject:  [Full-disclosure] AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP

               Asterisk Project Security Advisory - AST-2013-004

          Product         Asterisk                                            
          Summary         Remote Crash From Late Arriving SIP ACK With SDP    
     Nature of Advisory   Remote Crash                                        
       Susceptibility     Remote Unauthenticated Sessions                     
          Severity        Major                                               
       Exploits Known     None                                                
        Reported On       February 11, 2013                                   
        Reported By       Colin Cuthbertson                                   
         Posted On        August 27, 2013                                     
      Last Updated On     August 27, 2013                                     
      Advisory Contact    Joshua Colp <jcolp AT digium DOT com>               
          CVE Name        Pending                                             

    Description  A remotely exploitable crash vulnerability exists in the     
                 SIP channel driver if an ACK with SDP is received after the  
                 channel has been terminated. The handling code incorrectly   
                 assumes that the channel will always be present.             

    Resolution  A check has now been added which only parses SDP and applies  
                it if an Asterisk channel is present.                         
                                                                              
                Note that Walter Doekes, OSSO B.V., is responsible for        
                diagnosing and providing the fix for this issue.              

                               Affected Versions
              Product             Release Series  
        Asterisk Open Source          1.8.x       1.8.17.0 and above          
        Asterisk Open Source           11.x       All versions                
         Certified Asterisk           1.8.15      All versions                
         Certified Asterisk            11.2       All versions                

                                  Corrected In
                 Product                              Release                 
          Asterisk Open Source                   1.8.23.1, 11.5.1             
           Certified Asterisk                1.8.15-cert3, 11.2-cert2         

                                     Patches                             
                                SVN URL                                  Revision  
http://downloads.asterisk.org/pub/security/AST-2013-004-1.8.diff         Asterisk  
                                                                         1.8       
http://downloads.asterisk.org/pub/security/AST-2013-004-11.diff          Asterisk  
                                                                         11        
http://downloads.asterisk.org/pub/security/AST-2013-004-1.8.15-cert.diff Certified 
                                                                         Asterisk  
                                                                         1.8.15    
http://downloads.asterisk.org/pub/security/AST-2013-004-11.2-cert.diff   Certified 
                                                                         Asterisk  
                                                                         11.1      

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-21064       

    Asterisk Project Security Advisories are posted at                        
    http://www.asterisk.org/security                                          
                                                                              
    This document may be superseded by later versions; if so, the latest      
    version will be posted at                                                 
    http://downloads.digium.com/pub/security/AST-2013-004.pdf and             
    http://downloads.digium.com/pub/security/AST-2013-004.html                

                                Revision History
          Date                 Editor                  Revisions Made         
    2013-08-22         Joshua Colp              Initial revision.             

               Asterisk Project Security Advisory - AST-2013-004
              Copyright (c) 2013 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC