AST-2012-011: Remote Crash Vulnerability In Voice Mail Application

Report
Question

If a single voicemail account is manipulated by two parties simultaneously, a condition can occur where memory is freed twice causing a crash. Management of the memory in question has been reworked so that double frees and out of bounds array access do not occur. Upgrade to the latest release. Affected Versions

  • Product Release Series
  • Asterisk Open Source 1.8.x 1.8.11 and newer
  • Asterisk Open Source 10.x 10.3 and newer
  • Certified Asterisk 1.8.11-certx All versions
  • Asterisk Digiumphones 10.x.x-digiumphones All versions
Corrected In
  • Product Release
  • Asterisk Open Source 1.8.13.1, 10.5.2
  • Certified Asterisk 1.8.11-cert4
  • Asterisk Digiumphones 10.5.2-digiumphones

VoIP News 3 years ago 0 Answer

Skinny Channel Driver Remote Crash Vulnerability

Report
Question

A previously developed patch dealt with a denial of service attack exploitable in the Skinny channel driver that occurred when certain messages are sent after a previously registered station sends an Off Hook message. Unresolved in that patch is an issue in the Asterisk 10 releases, wherein, if a Station Key Pad Button Message is processed after an Off Hook message, the channel driver will inappropriately dereference a Null pointer. Similar to the problem solved with the previous patch, a remote attacker with a valid SCCP ID can use this vulnerability by closing a connection to the Asterisk server when a station is in the "Off Hook" call state and…

VoIP News 3.1 years ago 0 Answer

Asterisk Manager User Unauthorized Shell Access

Report
Question

A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any…

VoIP News 3.2 years ago 0 Answer

Asterisk 1.8.8.2 and 10.0.1 Now Available (Security Release)

Report
Question

The Asterisk Development Team has announced security releases for Asterisk 1.8
and 10. The available security releases are released as versions 1.8.8.2 and
10.0.1. Please note that the security vulnerability in Asterisk 1.8 and 10
does not exist for Asterisk versions 1.4 or 1.6.2. These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of Asterisk versions 1.8.8.2 and 10.0.1 resolves an issue
wherein an attacker attempting to negotiate a secure video stream can crash
Asterisk if video support has not been enabled and the res_srtp Asterisk
module is loaded.…

Asterisk Users 3.5 years ago 0 Answer

SRTP Video Remote Crash Vulnerability

Report
Question

Asterisk Project Security Advisory - AST-2012-001 +------------------------------------------------------------------------+
| Product | Asterisk |
|----------------------+-------------------------------------------------|
| Summary | SRTP Video Remote Crash Vulnerability |
|----------------------+-------------------------------------------------|
| Nature of Advisory | Denial of Service |
|----------------------+-------------------------------------------------|
| Susceptibility | Remote unauthenticated sessions |
|----------------------+-------------------------------------------------|
| Severity | Moderate |
|----------------------+-------------------------------------------------|
| Exploits Known | No |
|----------------------+-------------------------------------------------|
| Reported On | 2012-01-15 |
|----------------------+-------------------------------------------------|
| Reported By | Catalin Sanda |
|----------------------+-------------------------------------------------|
| Posted On | 2012-01-19 |
|----------------------+-------------------------------------------------|
| Last Updated On |…

Asterisk Users 3.5 years ago 1 Answer