Archive for category Security Advisories
Asterisk Security Releases: AST-2011-001
Posted by admin in asterisk, Asterisk Security Releases on January 18, 2011
The Asterisk Development Team has announced security releases for the following versions of Asterisk:
- 1.4.38.1
- 1.4.39.1
- 1.6.1.21
- 1.6.2.15.1
- 1.6.2.16.1
- 1.8.1.2
- 1.8.2.1
These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases
The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2, 1.8.1.2, and 1.8.2.1 resolve an issue when forming an outgoing SIP request while in pedantic mode, which can cause a stack buffer to be made to overflow if supplied with carefully crafted caller ID information. The issue and resolution are described in the AST-2011-001 security advisory.
For more information about the details of this vulnerability, please read the security advisory AST-2011-001, which was released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-…
Security advisory AST-2011-001 is available at:
http://downloads.asterisk.org/pub/security/AST-2011-001.pdf
Thank you for your continued support of Asterisk!
AST-2011-001: Stack buffer overflow in SIP channel driver
Posted by admin in asterisk, Asterisk Security Advisories, Security Advisories, sip on January 11, 2011
Asterisk Project Security Advisory - AST-2011-001
| Product | Asterisk |
| Summary | Stack buffer overflow in SIP channel driver |
| Nature of Advisory | Exploitable Stack Buffer Overflow |
| Susceptibility | Remote Authenticated Sessions |
| Severity | Moderate |
| Exploits Known | No |
| Reported On | January 11, 2011 |
| Reported By | Matthew Nicholson |
| Posted On | January 18, 2011 |
| Last Updated On | January 20, 2011 |
| Advisory Contact | Matthew Nicholson <mnicholson@digium.com> |
| CVE Name | CVE-2011-0495 |
| Description | When forming an outgoing SIP request while in pedantic mode, a stack buffer can be made to overflow if supplied with carefully crafted caller ID information. This vulnerability also affects the URIENCODE dialplan function and, in some versions of Asterisk, the AGI dialplan application as well. The ast_uri_encode function does not properly respect the size of its output buffer and can write past the end of it when encoding URIs. |
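As an added illustration (not Asterisk's code, and not the real ast_uri_encode), the C model below shows the contract the advisory says ast_uri_encode broke: every write must be bounded by the output length, because any input byte can expand to three, so a fixed stack buffer sized to the caller ID string cannot hold the result. The names uri_encode_safe and uri_encoded_length are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Illustrative bounds-checked URI encoder written for this page; it is not
 * Asterisk's ast_uri_encode, only a model of the contract that function
 * must honour: every write is checked against outlen, the result is always
 * NUL-terminated, and nothing is ever written past out[outlen - 1]. */
static int is_unreserved(unsigned char c)
{
    return isalnum(c) || c == '-' || c == '_' || c == '.' || c == '~';
}

/* Worst case: every input byte becomes "%XX", so n bytes of caller ID can
 * need 3*n + 1 bytes of output. This is the arithmetic an unchecked encoder
 * writing into a fixed-size stack buffer gets wrong. */
size_t uri_encoded_length(const char *in)
{
    size_t n = 0;
    for (; *in; in++)
        n += is_unreserved((unsigned char)*in) ? 1 : 3;
    return n;
}

/* Returns the encoded length, or -1 if the output did not fit (the buffer
 * then holds a NUL-terminated prefix instead of an overflow). */
int uri_encode_safe(const char *in, char *out, size_t outlen)
{
    size_t pos = 0;
    if (outlen == 0)
        return -1;
    for (; *in; in++) {
        unsigned char c = (unsigned char)*in;
        size_t need = is_unreserved(c) ? 1 : 3;
        if (pos + need >= outlen) {   /* keep room for the terminator */
            out[pos] = '\0';
            return -1;
        }
        if (need == 1)
            out[pos] = (char)c;
        else
            snprintf(out + pos, 4, "%%%02X", (unsigned)c);
        pos += need;
    }
    out[pos] = '\0';
    return (int)pos;
}
```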
Asterisk Security Advisory – AST-2010-001: T.38 Remote Crash Vulnerability
Posted by admin in asterisk, Asterisk Security Advisories, Security Advisories, sip, t.38 on February 3, 2010
Asterisk Project Security Advisory - AST-2010-001
| Product | Asterisk |
| Summary | T.38 Remote Crash Vulnerability |
| Nature of Advisory | Denial of Service |
| Susceptibility | Remote unauthenticated sessions |
| Severity | Critical |
| Exploits Known | No |
| Reported On | December 3, 2009 |
| Reported By | issues.asterisk.org users bklang and elsto |
| Posted On | February 3, 2010 |
| Last Updated On | February 2, 2010 |
| Advisory Contact | David Vossel < dvossel AT digium DOT com > |
| CVE Name | CVE-2010-0441 |
Asterisk 1.6.0.22, Asterisk 1.6.1.14, Asterisk 1.6.2.2 Released
Posted by admin in asterisk, Asterisk Security Advisories, Releases, Security Advisories, sip, t.38 on February 3, 2010
The Asterisk Development Team has announced security releases for Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2.
These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The releases of Asterisk 1.6.0.22, 1.6.1.14, and 1.6.2.2 include the fix described in security advisory AST-2010-001.
The issue is that an attacker attempting to negotiate T.38 over SIP can remotely crash Asterisk by modifying the FaxMaxDatagram field of the SDP to contain either a negative or an exceptionally large value. The same crash occurs when the FaxMaxDatagram field is omitted from the SDP.
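An added example, not Asterisk's own code: a defensive parser for the T38FaxMaxDatagram SDP attribute in which the negative, oversized and missing cases described above all fall back to a default instead of reaching the fax code. The function name and the two limits are assumptions made for this example, and the SDP fragments are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative parser written for this page, not Asterisk's code. It reads
 * the T38FaxMaxDatagram attribute from an SDP body and never hands a
 * negative, non-numeric, overflowing or oversized value on to the fax
 * code: any such value, and an absent attribute, fall back to a default.
 * Both limits below are assumptions chosen for the example. */
#define T38_MAX_DATAGRAM_DEFAULT 400
#define T38_MAX_DATAGRAM_LIMIT   65535  /* a UDPTL datagram fits in a UDP payload */

/* Returns the datagram size to use. *from_sdp is set to 1 only when a
 * well-formed, in-range value was present in the offer. */
int t38_max_datagram(const char *sdp, int *from_sdp)
{
    static const char key[] = "a=T38FaxMaxDatagram:";
    const char *p = sdp;
    *from_sdp = 0;
    while ((p = strstr(p, key)) != NULL) {
        if (p != sdp && p[-1] != '\n') {   /* attribute must start an SDP line */
            p += sizeof(key) - 1;
            continue;
        }
        const char *val = p + sizeof(key) - 1;
        char *end;
        errno = 0;
        long n = strtol(val, &end, 10);
        if (end == val)                                   /* no digits at all */
            break;
        if (*end != '\r' && *end != '\n' && *end != '\0') /* trailing junk */
            break;
        if (errno == ERANGE || n <= 0 || n > T38_MAX_DATAGRAM_LIMIT)
            break;                                        /* negative or huge */
        *from_sdp = 1;
        return (int)n;
    }
    return T38_MAX_DATAGRAM_DEFAULT;
}

int main(void)
{
    /* constructed SDP fragment carrying a hostile value */
    const char *sdp = "v=0\r\nm=image 4000 udptl t38\r\na=T38FaxMaxDatagram:-1\r\n";
    int ok;
    int size = t38_max_datagram(sdp, &ok);
    printf("datagram=%d from_sdp=%d\n", size, ok);   /* datagram=400 from_sdp=0 */
    return 0;
}
```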
For more information about the details of this vulnerability, please read the security advisory AST-2010-001, which was released at the same time as this announcement.
For a full list of changes in the current releases, please see the ChangeLog:
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.22
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.14
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.2
Security advisory AST-2010-001 is available at:
http://asterisk.net.ru/en/2010/02/03/asterisk-security-advisory-ast-2010-001-t-38-remote-crash-vulnerability/
Thank you for your continued support of Asterisk!
Asterisk Security Advisory – AST-2009-005: Remote Crash Vulnerability in SIP channel driver
Posted by admin in asterisk, Asterisk Security Advisories, Security Advisories, sip on August 11, 2009
Additionally note that while this can crash Asterisk, execution of arbitrary code is not possible with this vector.
Upgrade Asterisk to one of the releases listed below.
| Product | Asterisk |
| Summary | Remote Crash Vulnerability in SIP channel driver |
| Nature of Advisory | Denial of Service |
| Susceptibility | Remote Unauthenticated Sessions |
| Severity | Critical in 1.6.1; minor in lesser versions |
| Exploits Known | No |
| Reported On | July 28, 2009 |
| Reported By | Nick Baggott < nbaggott AT mudynamics DOT com > |
| Posted On | August 10, 2009 |
| Last Updated On | August 10, 2009 |
| Advisory Contact | Tilghman Lesher < tlesher AT digium DOT com > |
| CVE Name | CVE-2009-2726 |
Asterisk 1.2.34, Asterisk 1.4.26.1, Asterisk 1.6.0.13, and Asterisk 1.6.1.4 released
Posted by admin in asterisk, Asterisk Security Advisories, Releases, Security Advisories on August 11, 2009
The Asterisk Development Team is pleased to announce the releases of 1.2.34, 1.4.26.1, 1.6.0.13, and 1.6.1.4. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/
The release of 1.6.1.4 fixes a remote crash security vulnerability in the SIP stack. Although this crash was not demonstrated in any other version, the details of the vulnerability suggested the possibility that related attacks might be possible in the future. We therefore opted to release new versions of all current releases with these fixes applied. For more information about the details of this vulnerability, please read the security advisory AST-2009-005, which was released at the same time as this announcement.
In addition, Asterisk users may notice that we skipped the version numbers 1.6.0.11 and 1.6.1.3. This was intentional, in an effort to avoid confusion about what a particular release contains. Release candidates had already been made for both of those version numbers, so backing out those changes in a release carrying the same version number might be confusing. Those release candidates will be reissued with additional bugfixes, as 1.6.0.14-rc1 and 1.6.1.5-rc1, respectively.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.2.34
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.4.26.1
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.0.13
http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.1.4
Thank you for your continued support of Asterisk!
Asterisk Security Advisory – AST-2009-004
Posted by admin in asterisk, Asterisk Security Advisories, Security Advisories on August 3, 2009
Asterisk Project Security Advisory – AST-2009-004
An attacker can cause Asterisk to crash remotely by sending malformed RTP text frames. While the attacker can cause Asterisk to crash, he cannot execute arbitrary remote code with this exploit.
Users should upgrade to a version listed in the “Corrected In” section below.
| Product | Asterisk |
| Summary | Remote Crash Vulnerability in RTP stack |
| Nature of Advisory | Exploitable Crash |
| Susceptibility | Remote unauthenticated sessions |
| Severity | Critical |
| Exploits Known | No |
| Reported On | July 27, 2009 |
| Reported By | Marcus Hunger <hunger AT sipgate DOT de> |
| Posted On | August 2, 2009 |
| Last Updated On | August 2, 2009 |
| Advisory Contact | Mark Michelson <mmichelson AT digium DOT com> |
| CVE Name | |
Asterisk 1.6.0.11-rc2, 1.6.1.2, 1.6.1.3-rc1, and 1.6.2.0-beta4 Release Announcement
Posted by admin in asterisk, Asterisk Security Advisories, Release Candidates, Releases, Security Advisories, t.38 on August 3, 2009
The Asterisk Development Team is pleased to announce the second release candidate of 1.6.0.11, the release of 1.6.1.2, the first release candidate of 1.6.1.3, and the fourth beta of 1.6.2.0. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/.
The release of 1.6.1.2 fixes a remote crash security vulnerability in the RTP stack. The related security advisory AST-2009-004 has been released along with this announcement. Please read that advisory for more information.
The release candidates and betas, in addition to other fixes, contain a major re-work of the T.38 support in Asterisk. If you’ve been having trouble with T.38 in the 1.6 series, you are strongly encouraged to try one of these release candidates to determine if these changes fixed your T.38 issues.
