Date: 09 January 2008
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2008.0003 AUSCERT Advisory
[UNIX/Linux]
Asterisk 1.4.17 released to fix SIP vulnerability
9 January 2008
- ---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product: Asterisk 1.4.x before 1.4.17
Operating System: UNIX variants (UNIX, Linux, OSX)
Impact: Denial of Service
Access: Remote/Unauthenticated
CVE Names: CVE-2008-0095
Member content until: Wednesday, February 06 2008
OVERVIEW:
A vulnerability has been reported in Asterisk 1.4.x prior to
1.4.17 that can result in a remotely exploited Denial of
Service (DoS).
IMPACT:
The National Vulnerability Database [1], gives the following
information regarding these vulnerabilities:
o CVE-2008-0095: "The SIP channel driver in Asterisk Open Source
1.4.x before 1.4.17, Business Edition before C.1.0-beta8,
AsteriskNOW before beta7, Appliance Developer Kit before Asterisk
1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4
allows remote attackers to cause a denial of service (daemon
crash) via a BYE message with an Also (Also transfer) header,
which triggers a NULL pointer dereference." [2]
Asterisk.org also added the following:
"This issue requires an authenticated session that allows transfers
to be exploited. If unauthenticated calls with transfer capability
are allowed, then this issue could be exploited with an
unauthenticated session. Also, this issue only affects Asterisk
1.4. Asterisk 1.2 is not affected. Systems that do not use chan_sip
are also not affected." [3]
MITIGATION:
This issue has been corrected in the release of Asterisk 1.4.17,
which is available for download from the Asterisk website. [4]
REFERENCES:
[1] National Vulnerability Database
http://nvd.nist.gov/
[2] National Vulnerability Database (CVE-2008-0095)
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0095
[3] Asterisk 1.4.17 Released
http://www.asterisk.org/node/48442
[4] Asterisk Downloads
http://www.asterisk.org/downloads
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBR4RmzSh9+71yA2DNAQIDpwP8C/gS+rCzGv/pOMX6JkODoZmpmmPHIzgm
xwktrgdQ9es80NnEnCsX4hiGwJBBRcYVM4gbHD8laWCEkmPn9SfAQ6NhGAaddjMn
YlfQ57pFaIeMTc5o2RzlYR+IKNJxbnPOYBjq51at4qnE+xZqpUXYon+4pOJQRihk
8O3LwflkOEQ=
=95pW
-----END PGP SIGNATURE-----
|