SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (VoIP)  >   Asterisk Vendors:   Digium (Linux Support Services)
Asterisk Stack Overflow in HTTP Manager Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1026813
SecurityTracker URL:  http://securitytracker.com/id/1026813
CVE Reference:   CVE-2012-1184   (Links to External Site)
Updated:  Mar 16 2012
Original Entry Date:  Mar 16 2012
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.8.x, 10.x
Description:   A vulnerability was reported in Asterisk. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted HTTP Digest Authentication data to trigger a stack overflow in the HTTP Manager interface and execute arbitrary code on the target system. The code will run with the privileges of the target service.

Russell Bryant reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (1.8.10.1, 10.2.1).

The vendor's advisory is available at:

http://downloads.asterisk.org/pub/security/AST-2012-003.html

Vendor URL:  downloads.asterisk.org/pub/security/AST-2012-003.html (Links to External Site)
Cause:   Boundary error
Underlying OS:   Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Date:  Thu, 15 Mar 2012 17:05:32 -0500
Subject:  [Full-disclosure] AST-2012-003: Stack Buffer Overflow in HTTP Manager

               Asterisk Project Security Advisory - AST-2012-003

          Product         Asterisk                                            
          Summary         Stack Buffer Overflow in HTTP Manager               
     Nature of Advisory   Exploitable Stack Buffer Overflow                   
       Susceptibility     Remote Unauthenticated Sessions                     
          Severity        Critical                                            
       Exploits Known     No                                                  
        Reported On       03/15/2012                                          
        Reported By       Russell Bryant                                      
         Posted On        03/15/2012                                          
      Last Updated On     March 15, 2012                                      
      Advisory Contact    Matt Jordan < mjordan AT digium DOT com >           
          CVE Name        

    Description  An attacker attempting to connect to an HTTP session of the  
                 Asterisk Manager Interface can send an arbitrarily long      
                 string value for HTTP Digest Authentication. This causes a   
                 stack buffer overflow, with the possibility of remote code   
                 injection.                                                   

    Resolution  Upgrade to one of the versions of Asterisk listed in the      
                "Corrected In" section, or apply a patch specified in the     
                "Patches" section.                                            

                               Affected Versions
                Product              Release Series  
         Asterisk Open Source            1.8.x       All versions             
         Asterisk Open Source             10.x       All versions             

                                  Corrected In 
                     Product                              Release             
              Asterisk Open Source                       1.8.10.1             
              Asterisk Open Source                        10.2.1              

                                    Patches                          
                                SVN URL                              Revision 
   http://downloads.asterisk.org/pub/security/AST-2012-003-1.8.diff  v1.8     
   http://downloads.asterisk.org/pub/security/AST-2012-003-10.diff   v10      

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-19542       

    Asterisk Project Security Advisories are posted at                        
    http://www.asterisk.org/security                                          
                                                                              
    This document may be superseded by later versions; if so, the latest      
    version will be posted at http://downloads.digium.com/pub/security/.pdf   
    and http://downloads.digium.com/pub/security/.html                        

                                Revision History
          Date                  Editor                 Revisions Made         
    03-15-2012         Matt Jordan               Initial release              

               Asterisk Project Security Advisory - AST-2012-003
              Copyright (c) 2012 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC