AST-2012-011: Remote Crash Vulnerability In Voice Mail Application

If a single voicemail account is manipulated by two parties simultaneously, a condition can occur where memory is freed twice, causing a crash. Management of the memory in question has been reworked so that double frees and out-of-bounds array access do not occur. Upgrade to the latest release.

Affected Versions (Product / Release Series)

  • Asterisk Open Source 1.8.x: 1.8.11 and newer
  • Asterisk Open Source 10.x: 10.3 and newer
  • Certified Asterisk 1.8.11-certx: all versions
  • Asterisk Digiumphones 10.x.x-digiumphones: all versions

Corrected In (Product / Release)

  • Asterisk Open Source: 1.8.13.1, 10.5.2
  • Certified Asterisk: 1.8.11-cert4
  • Asterisk Digiumphones: 10.5.2-digiumphones

VoIP News 3.1 years ago 0 Answers

Skinny Channel Driver Remote Crash Vulnerability

A previously developed patch dealt with a denial of service attack exploitable in the Skinny channel driver that occurred when certain messages are sent after a previously registered station sends an Off Hook message. Unresolved in that patch is an issue in the Asterisk 10 releases, wherein, if a Station Key Pad Button Message is processed after an Off Hook message, the channel driver will inappropriately dereference a NULL pointer. Similar to the problem solved with the previous patch, a remote attacker with a valid SCCP ID can use this vulnerability by closing a connection to the Asterisk server when a station is in the "Off Hook" call state and…

VoIP News 3.2 years ago 0 Answers

Asterisk Manager User Unauthorized Shell Access

A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any…

VoIP News 3.3 years ago 0 Answers

Asterisk 1.8.8.2 and 10.0.1 Now Available (Security Release)

The Asterisk Development Team has announced security releases for Asterisk 1.8 and 10. The available security releases are released as versions 1.8.8.2 and 10.0.1. Please note that the security vulnerability in Asterisk 1.8 and 10 does not exist for Asterisk versions 1.4 or 1.6.2.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk versions 1.8.8.2 and 10.0.1 resolves an issue wherein an attacker attempting to negotiate a secure video stream can crash Asterisk if video support has not been enabled and the res_srtp Asterisk module is loaded.…

Asterisk Users 3.6 years ago 0 Answers

SRTP Video Remote Crash Vulnerability

Asterisk Project Security Advisory - AST-2012-001

+------------------------------------------------------------------------+
| Product              | Asterisk                                        |
|----------------------+-------------------------------------------------|
| Summary              | SRTP Video Remote Crash Vulnerability           |
|----------------------+-------------------------------------------------|
| Nature of Advisory   | Denial of Service                               |
|----------------------+-------------------------------------------------|
| Susceptibility       | Remote unauthenticated sessions                 |
|----------------------+-------------------------------------------------|
| Severity             | Moderate                                        |
|----------------------+-------------------------------------------------|
| Exploits Known       | No                                              |
|----------------------+-------------------------------------------------|
| Reported On          | 2012-01-15                                      |
|----------------------+-------------------------------------------------|
| Reported By          | Catalin Sanda                                   |
|----------------------+-------------------------------------------------|
| Posted On            | 2012-01-19                                      |
|----------------------+-------------------------------------------------|
| Last Updated On      | …                                               |

Asterisk Users 3.6 years ago 1 Answer

Voip: Asterisk Security Releases Available

The Asterisk Development Team has announced security releases for Asterisk 1.4, 1.6.2 and 1.8. The available security releases are released as versions 1.4.43, 1.6.2.21 and 1.8.7.2.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk versions 1.4.43, 1.6.2.21, and 1.8.7.2 resolves an issue with possible remote enumeration of SIP endpoints with differing NAT settings. The release of Asterisk versions 1.6.2.21 and 1.8.7.2 resolves a remote crash possibility with SIP when the "automon" feature is enabled. The issues and resolutions are described in the AST-2011-013 and AST-2011-014 security advisories. For more information about the details of…

VoIP News 3.7 years ago 0 Answers

Remote crash possibility with SIP and the “automon” feature enabled

Asterisk Project Security Advisory - AST-2011-014

Summary:      Remote crash possibility with SIP and the "automon" feature enabled

Description:  When the "automon" feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Asterisk to dereference a NULL pointer and crash.

Resolution:   Applying the referenced patches that check that the pointer is not NULL before accessing it will resolve the issue. The "automon" feature can be disabled in features.conf as a workaround.

Patches
  Download URL                                                         Revision
  http://downloads.asterisk.org/pub/security/AST-2011-014-1.6.2.diff   1.6.2.20
  http://downloads.asterisk.org/pub/security/AST-2011-014-1.8.diff     1.8.7.1

Links
  Asterisk Project Security Advisories are posted at http://www.asterisk.org/security

This document…

VoIP News 3.7 years ago 0 Answers

Asterisk 1.4.43, 1.6.2.21, and 1.8.7.2 Now Available (Security Release)

The Asterisk Development Team has announced security releases for Asterisk 1.4, 1.6.2 and 1.8. The available security releases are released as versions 1.4.43, 1.6.2.21 and 1.8.7.2.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk versions 1.4.43, 1.6.2.21, and 1.8.7.2 resolves an issue with possible remote enumeration of SIP endpoints with differing NAT settings. The release of Asterisk versions 1.6.2.21 and 1.8.7.2 resolves a remote crash possibility with SIP when the "automon" feature is enabled. The issues and resolutions are described in the AST-2011-013…

Asterisk Users 3.7 years ago 0 Answers

Possible remote enumeration of SIP endpoints with differing NAT settings

Asterisk Project Security Advisory - AST-2011-013

Product:            Asterisk
Summary:            Possible remote enumeration of SIP endpoints with differing NAT settings
Nature of Advisory: Unauthorized data disclosure
Susceptibility:     Remote unauthenticated sessions
Severity:           Minor
Exploits Known:     Yes
Reported On:        2011-07-18
Reported By:        Ben Williams
Posted On:
Last Updated On:    December 7, 2011
Advisory Contact:   Terry Wilson
CVE Name:

Description:        It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or…

Asterisk Users 3.7 years ago 3 Answers