Asterisk Security Advisory – AST-2010-001: T.38 Remote Crash Vulnerability

Asterisk The Open Source PBX & Telephony Platform

Asterisk Project Security Advisory AST-2010-001

Product: Asterisk
Summary: T.38 Remote Crash Vulnerability
Nature of Advisory: Denial of Service
Susceptibility: Remote unauthenticated sessions
Severity: Critical
Exploits Known: No
Reported On: 12/03/09
Reported By: issues.asterisk.org users bklang and elsto
Posted On: 02/03/10
Last Updated On: February 2, 2010
Advisory Contact: David Vossel < dvossel AT digium DOT com >
CVE Name: CVE-2010-0441


Asterisk 1.6.0.22, Asterisk 1.6.1.14, Asterisk 1.6.2.2 Released


The Asterisk Development Team has announced security releases for Asterisk in the following versions:

These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix described in security advisory AST-2010-001.

The issue is that an attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or an exceptionally large value. The same crash occurs when the FaxMaxDatagram field is omitted from the SDP entirely.
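
The defensive check that description calls for, written here as an added example and not taken from Asterisk's own chan_sip code: a small scanner that reads the SDP attribute carrying the field the announcement calls FaxMaxDatagram (spelled `a=T38FaxMaxDatagram:` on the wire) and treats a negative, oversized, malformed or missing value as a reason to fall back or reject, never as a size to trust. The default of 400 and the cap of 65535 are assumptions chosen for this example, and attribute names are matched case-sensitively for brevity.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Bounds chosen for this example (assumptions, not Asterisk's own values):
 * a UDPTL datagram travels in a single UDP packet, so anything above 65535
 * cannot be legitimate, and zero or a negative size is meaningless. */
#define T38_MAX_DATAGRAM_DEFAULT 400
#define T38_MAX_DATAGRAM_LIMIT   65535

/* Scan an SDP body line by line for "a=T38FaxMaxDatagram:<n>".
 * Returns the validated value, T38_MAX_DATAGRAM_DEFAULT when the attribute
 * is absent, and -1 when it is present but empty, non-numeric, negative,
 * zero, or larger than the limit, so the caller can reject the offer
 * instead of trusting a peer-supplied size. */
int t38_max_datagram_from_sdp(const char *sdp)
{
    const char *key = "a=T38FaxMaxDatagram:";
    size_t klen = strlen(key);
    const char *line = sdp;

    while (line && *line) {
        const char *eol = strpbrk(line, "\r\n");
        size_t len = eol ? (size_t)(eol - line) : strlen(line);

        if (len >= klen && strncmp(line, key, klen) == 0) {
            const char *val = line + klen;
            char *end;
            long n;

            /* Reject "", "-1", "+5", " 5": only a bare digit string is allowed. */
            if (!isdigit((unsigned char)*val))
                return -1;
            errno = 0;
            n = strtol(val, &end, 10);
            /* ERANGE catches absurdly large values; end != line + len catches trailing junk. */
            if (errno == ERANGE || end != line + len)
                return -1;
            if (n < 1 || n > T38_MAX_DATAGRAM_LIMIT)
                return -1;
            return (int)n;
        }
        line = eol ? eol + strspn(eol, "\r\n") : NULL;
    }
    return T38_MAX_DATAGRAM_DEFAULT; /* attribute omitted: fall back, never crash */
}
```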

For more information about the details of this vulnerability, please read the security advisory AST-2010-001, which was released at the same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLog:

Security advisory AST-2010-001 is available at:
http://asterisk.net.ru/en/2010/02/03/asterisk-security-advisory-ast-2010-001-t-38-remote-crash-vulnerability/

Thank you for your continued support of Asterisk!


DAHDI-Linux 2.2.1, DAHDI-Tools 2.2.1, And DAHDI-Linux-Complete 2.2.1+2.2.1 Now Available

DAHDI - Digium Asterisk Hardware Device Interface

The Asterisk Development Team is pleased to announce the release of DAHDI-Linux and DAHDI-Tools version 2.2.1.

DAHDI-Linux 2.2.1, DAHDI-Tools 2.2.1, and DAHDI-Linux-Complete are available for immediate download at:

These releases contain bug fixes and modifications to accommodate interface changes in Linux kernels up to 2.6.32. A few of the more noteworthy changes in these releases from the previous release are:

  • Reference counts are properly maintained on the echo canceler modules (issue#13504).
  • Better alarm debouncing for wct4xxp and wcte12xp drivers per AT&T 54016.
  • Support for extra HFC-4S and HFC-8S BRI cards in wcb4xxp.
  • dahdi_dummy will not lock up when a time-shift is detected (issue #15647).
  • T1 CAS support in the xpp “PRI” (E1/T1) module.
  • T1 CAS configuration generation support in dahdi_genconf. Default remains ISDN.
  • Much less verbose xpp firmware loading.
  • wcfxo resets DAA on initialization (issue #14232).
  • VPMADT032 firmware update to 1.20.

For a full list of changes in these releases, please see the ChangeLogs at:

Issues found in these releases can be reported at http://issues.asterisk.org

Thank you for your continued support of Asterisk!


Asterisk 1.6.2.1 Now Available


The Asterisk Development Team has announced the release of Asterisk 1.6.2.1.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of Asterisk 1.6.2.1 resolved several issues reported by the community, and would not have been possible without your participation. Thank you!

  • CLI ‘queue show’ formatting fix.
    (Closes issue #16078. Reported by RoadKill. Tested by dvossel. Patched by ppyy.)
  • Fix misreverting from 177158.
    (Closes issue #15725. Reported, Tested by shanermn. Patched by dimas.)
  • Fixes subscriptions being lost after ‘module reload’.
    (Closes issue #16093. Reported by jlaroff. Patched by dvossel.)
  • app_queue segfaults if realtime field uniqueid is NULL
    (Closes issue #16385. Reported, Tested, Patched by haakon.)
  • Fix to Monitor which previously assumed the file to write to did not contain pathing.
    (Closes issues #16377, #16376. Reported by bcnit. Patched by dant.)

A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.1-summary.txt

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1

Thank you for your continued support of Asterisk!

Asterisk 1.6.1.13 Now Available


The Asterisk Development Team has announced the release of Asterisk 1.6.1.13.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of Asterisk 1.6.1.13 resolved several issues reported by the community, and would not have been possible without your participation. Thank you!

  • Restarts busydetector (if enabled) when DTMF is received after call is bridged
    (Closes issue #16389. Reported, Tested, Patched by alecdavis.)
  • Send parking lot announcement to the channel which parked the call, not the park-ee.
    (Closes issue #16234. Reported, Tested by yeshuawatso. Patched by tilghman.)
  • When the field is blank, don’t warn about the field being unable to be coerced; just skip the column.
    (Closes http://lists.digium.com/pipermail/asterisk-dev/2009-December/041362.html. Reported by Nic Colledge on the -dev list.)
  • Don’t queue frames to channels that have no means to process them.
    (Closes issue #15609. Reported, Tested by aragon. Patched by tilghman.)
  • Fixes holdtime playback issue in app_queue.
    (Closes issue #16168. Reported, Patched by nickilo. Tested by wonderg, nickilo.)

A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-summary.txt

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13

Thank you for your continued support of Asterisk!

Asterisk 1.6.0.21 Now Available


The Asterisk Development Team has announced the release of Asterisk 1.6.0.21.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of Asterisk 1.6.0.21 resolved several issues reported by the community, and would not have been possible without your participation. Thank you!

  • Fix to Monitor which previously assumed the file to write to did not contain pathing.
    (Closes issues #16377, #16376. Reported by bcnit. Patched by dant.)
  • If EXEC only gets a single argument, don’t crash when the second is used.
    (Closes issue #16504. Reported by bklang. Patched by tilghman.)
  • Avoid a crash with large numbers of MeetMe conferences.
    (Closes issue #16509. Reported by Kashif Raza. Tested, Patched by seanbright.)
  • Try a test compile to see if PTHREAD_ONCE_INIT requires extra braces (for Solaris 10).
    (Patched by seanbright.)
  • Allow “REMAINDER” to function properly in expressions.
    (Closes issue #16427. Reported, Patched by wdoekes.)
  • Shut down the SIP session timers more gracefully, in order to prevent a possible crash.
    (Reported, Tested by corruptor. Patched by tilghman.)
  • Fix channel name comparison for Bridge() application.
    (Closes issue #16528. Reported, Patched by telecos82.)

A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.0.21-summary.txt

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.21

Thank you for your continued support of Asterisk!

Asterisk 1.4.29 Now Available


The Asterisk Development Team has announced the release of Asterisk 1.4.29.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of Asterisk 1.4.29 resolved several issues reported by the community, and would not have been possible without your participation. Thank you!

  • Fix to Monitor which previously assumed the file to write to did not contain pathing.
    (Closes issues #16377, #16376. Reported by bcnit. Patched by dant.)
  • Properly set T.38 attributes and don’t return before T.38 ports are configured when T.38 is found but no audio stream is found.
    (Closes issue #16318. Reported by bird_of_Luck. Tested by vrban, mihaill. Patched by vrban, mnicholson.)
  • Avoid crashes with large numbers of MeetMe conferences.
    (Closes issue #16509. Reported by Kashif Raza. Tested, Patched by seanbright.)
  • Change in ’sip show channels’ display format allowing more digits for CID.
    (Closes issue #16459. Reported, Patched by Rzadzins.)
  • Revise documentation on disposition values to the actual values used.
    (Closes issue #16289. Reported by wdoekes.)

A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.29-summary.txt

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.29

Thank you for your continued support of Asterisk!

Asterisk 1.4.29-rc1, Asterisk 1.6.0.21-rc1, Asterisk 1.6.1.13-rc1, Asterisk 1.6.2.1-rc1 Released


The Asterisk Development Team has announced release candidates (RC1) for Asterisk versions 1.4.29, 1.6.0.21, 1.6.1.13, and 1.6.2.1. These release candidates are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release candidates address issues that were reported by the community and resolved since the last round of bug fix releases.

For a full list of changes in the current release candidates, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.29-rc1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.21-rc1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.13-rc1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1-rc1

For a summary of the issues found in these release candidates, please see the summary files:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.29-rc1-summary.html
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.0.21-rc1-summary.html
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.1.13-rc1-summary.html
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.2.1-rc1-summary.html

Issues found in any of these release candidates should be reported to the Asterisk issue tracker at http://issues.asterisk.org

Thank you for your continued support of Asterisk!

Fax For Asterisk 1.1.6 Release Announcement

T.38 fax for Asterisk

Digium is pleased to announce the release of version 1.1.6 of its Fax For Asterisk product, a commercial grade FAX add-on module for open source Asterisk.

This release contains a number of significant improvements, including:

  • Support for 64-bit Linux installations.
  • Reduction in resource consumption, and increase in performance, of T.38 session handling.
  • Simplification of session handling during transition from G.711 to T.38 mode.
  • Adoption of the latest Asterisk T.38 negotiation API, ensuring interoperability with a wide range of T.38 endpoints.

Version 1.1.6 of Fax For Asterisk is available for immediate download at http://www.digium.com/en/docs/FAX/faa-download.php. Note that because this release uses the very latest T.38 negotiation mechanism in Asterisk, it is not compatible with all released versions of Asterisk. The Fax For Asterisk download selector lists the Asterisk versions supported by this release.

For more information about Fax For Asterisk, please visit the product page.

Thank you for your support!

Asterisk 1.6.0.20 Now Available


The Asterisk Development Team has announced the release of Asterisk 1.6.0.20.
This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/

The release of Asterisk 1.6.0.20 resolved several issues reported by the community, and would not have been possible without your participation. Thank you!

  • clarify requirecalltoken option in iax.sample.conf (closes issue #16223), reported, patched by: bklang
  • Prevent double closing of FDs by EIVR (closes issue #16305), reported by: diLLec, patched, tested by: thedavidfactor
  • Fix multiple issues with musiconhold, which led to classes not getting destroyed properly. (closes issues #16279#16207), reported by: parisioa, dcabot, patched by: tilghman, tested by: parisioa, tilghman
  • Send ack (response/message) after receiving manager action userevent (closes issue #16264), reported, patched by: dimas
  • Make manager response to “Action: events” finish with empty line (closes issue #16275), reported, patched by: vnovy

This release also contains significant improvements to T.38 support. Anyone who has tried T.38 faxing in the past should try again as most problems should now be resolved.

A summary of changes in this release can be found in the release summary:
http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.6.0.20-summary.txt

For a full list of changes in this release, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.20

Thank you for your continued support of Asterisk!