SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (VoIP)  >   Asterisk Vendors:   Digium (Linux Support Services)
Asterisk SIP Request Processing Flaw With Invalid SDP Lets Remote Users Deny Service
SecurityTracker Alert ID:  1028957
SecurityTracker URL:  http://securitytracker.com/id/1028957
CVE Reference:   CVE-2013-5642   (Links to External Site)
Updated:  Sep 13 2013
Original Entry Date:  Aug 28 2013
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.8.x, 10.x, 11.x
Description:   A vulnerability was reported in Asterisk. A remote user can cause denial of service conditions.

A remote user can send a specially crafted SIP request with an invalid SDP to cause the target service to crash.

The vendor was notified on July 03, 2013.

Walter Doekes, OSSO B.V., reported this vulnerability.

Impact:   A remote user can cause the target service to crash.
Solution:   The vendor has issued a fix (1.8.23.1, 10.12.3, 11.5.1; 1.8.15-cert3, 11.2-cert2).

The vendor's advisory is available at:

http://downloads.digium.com/pub/security/AST-2013-005.html

Vendor URL:  downloads.digium.com/pub/security/AST-2013-005.html (Links to External Site)
Cause:   State error
Underlying OS:   Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Date:  Tue, 27 Aug 2013 19:26:17 -0500
Subject:  [Full-disclosure] AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request

               Asterisk Project Security Advisory - AST-2013-005

         Product        Asterisk                                              
         Summary        Remote Crash when Invalid SDP is sent in SIP Request  
    Nature of Advisory  Remote Crash                                          
      Susceptibility    Remote Unauthenticated Sessions                       
         Severity       Major                                                 
      Exploits Known    None                                                  
       Reported On      July 03, 2013                                         
       Reported By      Walter Doekes, OSSO B.V.                              
        Posted On       August 27, 2013                                       
     Last Updated On    August 27, 2013                                       
     Advisory Contact   Matthew Jordan <mjordan AT digium DOT com>            
         CVE Name       Pending                                               

    Description  A remotely exploitable crash vulnerability exists in the     
                 SIP channel driver if an invalid SDP is sent in a SIP        
                 request that defines media descriptions before connection    
                 information. The handling code incorrectly attempts to       
                 reference the socket address information even though that    
                 information has not yet been set.                            

    Resolution  This patch adds checks when handling the various media        
                descriptions that ensures the media descriptions are handled  
                only if we have connection information suitable for that      
                media.                                                        
                                                                              
                Thanks to Walter Doekes of OSSO B.V. for finding, reporting,  
                testing, and providing the fix for this problem.              

                               Affected Versions
                 Product                Release Series    
          Asterisk Open Source               1.8.x        All Versions        
          Asterisk Open Source               10.x         All Versions        
          Asterisk Open Source               11.x         All Versions        
           Certified Asterisk               1.8.15        All Versions        
           Certified Asterisk                11.2         All Versions        
       Asterisk with Digiumphones      10.x-digiumphones  All Versions        

                                  Corrected In
                  Product                              Release                
            Asterisk Open Source              1.8.23.1, 10.12.3, 11.5.1       
             Certified Asterisk                1.8.15-cert3, 11.2-cert2       
         Asterisk with Digiumphones              10.12.3-digiumphones         

                                          Patches                            
                                  SVN URL                                       Revision     
http://downloads.asterisk.org/pub/security/AST-2013-005-1.8.diff             Asterisk 1.8    
http://downloads.asterisk.org/pub/security/AST-2013-005-10.diff              Asterisk 10     
http://downloads.asterisk.org/pub/security/AST-2013-005-10-digiumphones.diff Asterisk        
                                                                             10-digiumphones 
http://downloads.asterisk.org/pub/security/AST-2013-005-11.diff              Asterisk 11     
http://downloads.asterisk.org/pub/security/AST-2013-005-1.8.15.diff          Certified       
                                                                             Asterisk 1.8.15 
http://downloads.asterisk.org/pub/security/AST-2013-005-11.2.diff            Certified       
                                                                             Asterisk 11.2   

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-22007       

    Asterisk Project Security Advisories are posted at                        
    http://www.asterisk.org/security                                          
                                                                              
    This document may be superseded by later versions; if so, the latest      
    version will be posted at                                                 
    http://downloads.digium.com/pub/security/AST-2013-005.pdf and             
    http://downloads.digium.com/pub/security/AST-2013-005.html                

                                Revision History
          Date                 Editor                  Revisions Made         
    2013-08-27         Matt Jordan              Initial Revision              

               Asterisk Project Security Advisory - AST-2013-005
              Copyright (c) 2013 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC