Asterisk: Multiple vulnerabilities
Gentoo Linux Security Advisory

1. Version Information

| Advisory Reference | GLSA 200802-11 / asterisk |
| Release Date | February 26, 2008 |
| Latest Revision | February 26, 2008: 01 |
| Impact | high |
| Exploitable | remote |

| Package | Vulnerable versions | Unaffected versions | Architecture(s) |
| net-misc/asterisk | < 1.2.21.1-r1 | revision >= 1.2.17-r1, >= 1.2.21.1-r1 | All supported architectures |

Related bugreports: #185713
Synopsis
Multiple vulnerabilities have been found in Asterisk.
2. Impact Information
Background
Asterisk is an open source telephony engine and tool kit.
Description
Multiple vulnerabilities have been found in Asterisk:
- Russell Bryant reported a stack buffer overflow in the IAX2 channel driver (chan_iax2) when bridging calls between chan_iax2 and any channel driver that uses RTP for media (CVE-2007-3762).
- Chris Clark and Zane Lackey (iSEC Partners) reported a NULL pointer dereference in the IAX2 channel driver (chan_iax2) (CVE-2007-3763).
- Will Drewry (Google Security) reported a vulnerability in the Skinny channel driver (chan_skinny), resulting in an overly large memcpy (CVE-2007-3764).
- Will Drewry (Google Security) reported a vulnerability in the IAX2 channel driver (chan_iax2), which does not correctly handle unauthenticated transactions using a 3-way handshake (CVE-2007-4103).
Impact
By sending a long voice or video RTP frame, a remote attacker could
possibly execute arbitrary code on the target machine. Sending
specially crafted LAGRQ or LAGRP frames containing information elements
of IAX frames, or a certain data length value in a crafted packet, or
performing a flood of calls not completing a 3-way handshake, could
result in a Denial of Service.
3. Resolution Information
Workaround
There is no known workaround at this time.
Resolution
All Asterisk users should upgrade to the latest version:
Code Listing 3.1: Resolution

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.2.17-r1"
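To check whether an installed build falls inside the advisory's ranges before upgrading, the following POSIX shell script is an added example (not part of the GLSA or of Gentoo's tooling). It encodes the table above, including the special case that the 1.2.17 ebuild is unaffected from revision r1 on even though it sorts below 1.2.21.1-r1, and assumes the standard Gentoo package database layout under /var/db/pkg.

```shell
#!/bin/sh
# Added example, not part of the GLSA: decide whether an installed
# net-misc/asterisk version falls in the ranges given in GLSA 200802-11.
#   vulnerable : < 1.2.21.1-r1
#   unaffected : revision >= 1.2.17-r1 (1.2.17-rN with N >= 1), or >= 1.2.21.1-r1
# Only dotted numeric versions with an optional -rN ebuild revision are handled.

# vercmp A B: prints -1, 0 or 1. A missing -rN revision counts as -r0.
vercmp() {
    a=${1%-r*}; b=${2%-r*}; ra=0; rb=0
    case $1 in *-r*) ra=${1##*-r};; esac
    case $2 in *-r*) rb=${2##*-r};; esac
    # compare dotted components left to right; absent components count as 0
    while [ -n "$a" ] || [ -n "$b" ]; do
        pa=${a%%.*}; pb=${b%%.*}
        if [ "${pa:-0}" -lt "${pb:-0}" ]; then printf '%s\n' -1; return; fi
        if [ "${pa:-0}" -gt "${pb:-0}" ]; then printf '%s\n' 1; return; fi
        case $a in *.*) a=${a#*.};; *) a=;; esac
        case $b in *.*) b=${b#*.};; *) b=;; esac
    done
    if [ "$ra" -lt "$rb" ]; then printf '%s\n' -1
    elif [ "$ra" -gt "$rb" ]; then printf '%s\n' 1
    else printf '%s\n' 0; fi
}

# glsa_200802_11_status VERSION: prints "vulnerable" or "unaffected".
glsa_200802_11_status() {
    v=$1; base=${v%-r*}; rev=0
    case $v in *-r*) rev=${v##*-r};; esac
    # "revision >= 1.2.17-r1": the 1.2.17 ebuild is unaffected from -r1 on,
    # even though 1.2.17-r1 sorts below 1.2.21.1-r1
    if [ "$base" = 1.2.17 ] && [ "$rev" -ge 1 ]; then
        printf '%s\n' unaffected; return
    fi
    if [ "$(vercmp "$v" 1.2.21.1-r1)" -lt 0 ]; then
        printf '%s\n' vulnerable
    else
        printf '%s\n' unaffected
    fi
}

# On a Gentoo host installed packages are recorded under /var/db/pkg (assumed
# layout); report every installed net-misc/asterisk version found there.
for d in /var/db/pkg/net-misc/asterisk-*; do
    [ -d "$d" ] || continue
    ver=${d##*/asterisk-}
    printf 'net-misc/asterisk-%s: %s\n' "$ver" "$(glsa_200802_11_status "$ver")"
done
```

Gentoo's own glsa-check (for example `glsa-check -t all`) performs this comparison for every published advisory; the script only makes the version logic of this one advisory explicit.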
4. References

CVE-2007-3762
CVE-2007-3763
CVE-2007-3764
CVE-2007-4103