ESB-2016.0813 - [UNIX/Linux][Debian] kamailio: Execute arbitrary code/commands - Remote/unauthenticated

Date: 30 March 2016

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0813
                         kamailio security update
                               30 March 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kamailio
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-2385  

Original Bulletin: 
   http://www.debian.org/security/2016/dsa-3535

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running kamailio check for an updated version of the software for 
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3535-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 29, 2016                        https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : kamailio
CVE ID         : CVE-2016-2385

Stelios Tsampas discovered a buffer overflow in the Kamailio SIP proxy
which might result in the execution of arbitrary code.

For the stable distribution (jessie), this problem has been fixed in
version 4.2.0-2+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 4.3.4-2.

For the unstable distribution (sid), this problem has been fixed in
version 4.3.4-2.

We recommend that you upgrade your kamailio packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
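The practical question this bulletin raises for an administrator is whether the kamailio package on a given host is already at or above the version the DSA names as fixed. The following is an added example, not code from Debian, Kamailio or AusCERT: it reimplements dpkg's version ordering (the rules `dpkg --compare-versions` applies, including epochs, `~` pre-release markers and the `+deb8u1` style revision suffix) so that an inventory export of `dpkg-query` output can be checked on any host, and maps the result against the fixed versions stated in DSA-3535-1. The `dpkg-query` lines in `SAMPLE_JESSIE` are constructed sample input, not output from a real system; the function and constant names are this example's own.

```python
"""Check installed kamailio versions against the fixed versions in DSA-3535-1
(CVE-2016-2385).

Added example, not Debian's or AusCERT's code.  The comparison below mirrors
dpkg's verrevcmp() ordering so it can run on hosts without dpkg.
"""

# Fixed versions per suite, as stated in DSA-3535-1.
FIXED_VERSIONS = {
    "jessie": "4.2.0-2+deb8u1",
    "stretch": "4.3.4-2",
    "sid": "4.3.4-2",
}


def _order(c):
    """dpkg character weight: '~' sorts before everything (even the end of
    the string), letters before non-letters; digit runs are handled apart."""
    if c == "~":
        return -1
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a, b):
    """Compare two version fragments as dpkg does: alternate non-digit runs
    (lexical, using _order weights) and digit runs (numeric, leading zeros
    ignored).  Returns <0, 0 or >0."""
    ia = ib = 0
    while ia < len(a) or ib < len(b):
        # Non-digit run: the end of a string weighs 0, so "2" > "2~bpo".
        while (ia < len(a) and not a[ia].isdigit()) or (ib < len(b) and not b[ib].isdigit()):
            ac = _order(a[ia]) if ia < len(a) else 0
            bc = _order(b[ib]) if ib < len(b) else 0
            if ac != bc:
                return ac - bc
            ia += 1
            ib += 1
        # Digit run: drop leading zeros, the longer run wins, otherwise the
        # first differing digit decides.
        while ia < len(a) and a[ia] == "0":
            ia += 1
        while ib < len(b) and b[ib] == "0":
            ib += 1
        first_diff = 0
        while ia < len(a) and a[ia].isdigit() and ib < len(b) and b[ib].isdigit():
            if first_diff == 0:
                first_diff = ord(a[ia]) - ord(b[ib])
            ia += 1
            ib += 1
        if ia < len(a) and a[ia].isdigit():
            return 1
        if ib < len(b) and b[ib].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def compare_versions(a, b):
    """Return -1, 0 or 1 for a < b, a == b, a > b under Debian ordering
    ([epoch:]upstream[-revision]; epoch first, then upstream, then revision)."""
    def split(v):
        epoch = 0
        if ":" in v:
            e, v = v.split(":", 1)
            epoch = int(e)
        upstream, sep, revision = v.rpartition("-")
        if not sep:  # no '-' at all: the whole string is the upstream part
            upstream, revision = v, ""
        return epoch, upstream, revision

    ea, ua, ra = split(a)
    eb, ub, rb = split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    r = _verrevcmp(ua, ub) or _verrevcmp(ra, rb)
    return (r > 0) - (r < 0)


def assess(dpkg_query_output, suite):
    """Map each 'package version' line (the shape produced by
    dpkg-query -W -f='${Package} ${Version}\\n' 'kamailio*') to 'fixed' or
    'vulnerable' relative to the DSA's fixed version for the given suite."""
    fixed = FIXED_VERSIONS[suite]
    result = {}
    for line in dpkg_query_output.strip().splitlines():
        pkg, version = line.split()
        result[pkg] = "fixed" if compare_versions(version, fixed) >= 0 else "vulnerable"
    return result


# Constructed sample output for a jessie host, not taken from a real system.
SAMPLE_JESSIE = """\
kamailio 4.2.0-2
kamailio-mysql-modules 4.2.0-2+deb8u1
"""

if __name__ == "__main__":
    for pkg, state in assess(SAMPLE_JESSIE, "jessie").items():
        print(f"{pkg}: {state}")
```

On the Debian host itself the same check needs no reimplementation: `dpkg --compare-versions "$(dpkg-query -W -f='${Version}' kamailio)" ge 4.2.0-2+deb8u1` exits 0 when the installed package is at or above the jessie fix. The version table only covers the Debian suites the DSA names; as the AusCERT comment notes, kamailio on other platforms has to be checked against that vendor's own fixed release.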

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----