
ASA-2007-011: Multiple problems in SIP channel parser handling response codes
>                Asterisk Project Security Advisory - ASA-2007-011
> 
>    +------------------------------------------------------------------------+
>    |      Product       | Asterisk                                          |
>    |--------------------+---------------------------------------------------|
>    |      Summary       | Multiple problems in SIP channel parser handling  |
>    |                    | response codes                                    |
>    |--------------------+---------------------------------------------------|
>    | Nature of Advisory | Denial of Service                                 |
>    |--------------------+---------------------------------------------------|
>    |   Susceptibility   | Remote Unauthenticated Sessions                   |
>    |--------------------+---------------------------------------------------|
>    |      Severity      | Critical                                          |
>    |--------------------+---------------------------------------------------|
>    |   Exploits Known   | No                                                |
>    |--------------------+---------------------------------------------------|
>    |    Reported On     | March 20, 2007                                    |
>    |--------------------+---------------------------------------------------|
>    |    Reported By     | Mantis user ID 'qwerty1979'                       |
>    |--------------------+---------------------------------------------------|
>    |     Posted On      | April 24, 2007                                    |
>    |--------------------+---------------------------------------------------|
>    |  Last Updated On   | April 24, 2007                                    |
>    |--------------------+---------------------------------------------------|
>    |  Advisory Contact  | kpfleming@xxxxxxxxxx                              |
>    +------------------------------------------------------------------------+
> 
>    +------------------------------------------------------------------------+
>    | Description | Multiple problems have been identified in the Asterisk   |
>    |             | SIP channel driver (chan_sip) when handling response     |
>    |             | packets from other SIP endpoints.                        |
>    |             |                                                          |
>    |             | If the response packets did not contain a valid response |
>    |             | code in the first line of the UDP packet, the Asterisk   |
>    |             | SIP channel driver would fail to parse the packet        |
>    |             | properly and would cause the Asterisk process to die     |
>    |             | with a segmentation fault. This results in all active    |
>    |             | calls and other sessions being lost.                     |
>    |             |                                                          |
>    |             | More details about these issues can be found at          |
>    |             | http://bugs.digium.com/view.php?id=9313.                 |
>    +------------------------------------------------------------------------+
> 
>    +------------------------------------------------------------------------+
>    | Resolution | All users are urged to upgrade to the appropriate version |
>    |            | of their Asterisk product listed in the 'Corrected In'    |
>    |            | section below.                                            |
>    +------------------------------------------------------------------------+
> 
>    +------------------------------------------------------------------------+
>    |                           Affected Versions                            |
>    |------------------------------------------------------------------------|
>    |          Product          |   Release   |                              |
>    |                           |   Series    |                              |
>    |---------------------------+-------------+------------------------------|
>    |   Asterisk Open Source    |    1.0.x    | has not been evaluated as    |
>    |                           |             | this release series is no    |
>    |                           |             | longer maintained            |
>    |---------------------------+-------------+------------------------------|
>    |   Asterisk Open Source    |    1.2.x    | all releases prior to 1.2.18 |
>    |---------------------------+-------------+------------------------------|
>    |   Asterisk Open Source    |    1.4.x    | all releases prior to 1.4.3  |
>    |---------------------------+-------------+------------------------------|
>    | Asterisk Business Edition |    A.x.x    | all releases                 |
>    |---------------------------+-------------+------------------------------|
>    | Asterisk Business Edition |    B.x.x    | all releases prior to and    |
>    |                           |             | including B.1.3.2            |
>    |---------------------------+-------------+------------------------------|
>    |        AsteriskNOW        | pre-release | all releases prior to and    |
>    |                           |             | including Beta 5             |
>    |---------------------------+-------------+------------------------------|
>    |    Asterisk Appliance     |    0.x.x    | all releases prior to 0.4.0  |
>    |       Developer Kit       |             |                              |
>    +------------------------------------------------------------------------+
> 
>    +------------------------------------------------------------------------+
>    |                              Corrected In                              |
>    |------------------------------------------------------------------------|
>    |      Product       |                      Release                      |
>    |--------------------+---------------------------------------------------|
>    |   Asterisk Open    |         1.2.18 and 1.4.3, available from          |
>    |       Source       |    ftp://ftp.digium.com/pub/telephony/asterisk    |
>    |--------------------+---------------------------------------------------|
>    | Asterisk Business  |   B.1.3.3, available from the Asterisk Business   |
>    |      Edition       |  Edition user portal on http://www.digium.com or  |
>    |                    |           via Digium Technical Support            |
>    |--------------------+---------------------------------------------------|
>    |    AsteriskNOW     |            Beta 6, when available from            |
>    |                    | http://www.asterisknow.org, Beta 5 users can use  |
>    |                    |      'System Update' in the appliance control     |
>    |                    |   panel to update their version of AsteriskNOW    |
>    |--------------------+---------------------------------------------------|
>    | Asterisk Appliance |               0.4.0, available from               |
>    |   Developer Kit    |      ftp://ftp.digium.com/pub/telephony/aadk      |
>    +------------------------------------------------------------------------+
> 
>    +------------------------------------------------------------------------+
>    |       Links       | http://bugs.digium.com/view.php?id=9313            |
>    +------------------------------------------------------------------------+
> 
>    +------------------------------------------------------------------------+
>    | Asterisk Project Security Advisories are posted at                     |
>    | http://www.asterisk.org/security.                                      |
>    |                                                                        |
>    | This document may be superseded by later versions; if so, the latest   |
>    | version will be posted at                                              |
>    | http://www.asterisk.org/files/ASA-2007-011.pdf.                        |
>    +------------------------------------------------------------------------+
> 
>                Asterisk Project Security Advisory - ASA-2007-011
>               Copyright (c) 2007 Digium, Inc. All Rights Reserved.
>   Permission is hereby granted to distribute and publish this advisory in its
>                            original, unaltered form.
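The advisory describes a response whose first line carries no valid status code crashing the parser. The following is an added example, not Asterisk's chan_sip code, of how a defensive Status-Line parser can reject such a packet up front; the function name and its -1 error convention are assumptions for illustration.

```c
/* Added example, not Asterisk's chan_sip code: a defensive parser for the
 * first line of a SIP response (RFC 3261 section 7.2):
 *   Status-Line = SIP-Version SP Status-Code SP Reason-Phrase CRLF
 * It returns the status code or -1 when the line is not a valid
 * Status-Line, so the caller can discard the packet rather than act on
 * fields that were never parsed. */
#include <ctype.h>
#include <string.h>

#define SIP_VERSION "SIP/2.0"

/* Parse the Status-Line at the start of buf (len bytes, not necessarily
 * NUL-terminated). Returns 100..699 on success, -1 on any malformation. */
int sip_parse_status_line(const char *buf, size_t len)
{
    size_t vlen = strlen(SIP_VERSION);
    size_t i;
    int code = 0;

    /* Shortest acceptable prefix is "SIP/2.0 " followed by three digits. */
    if (buf == NULL || len < vlen + 1 + 3)
        return -1;

    /* A request line ("INVITE sip:... SIP/2.0") fails here: not a response. */
    if (memcmp(buf, SIP_VERSION, vlen) != 0 || buf[vlen] != ' ')
        return -1;

    /* Status-Code is exactly three digits; "OK", "", or "2000" are rejected. */
    for (i = vlen + 1; i < vlen + 4; i++) {
        if (!isdigit((unsigned char)buf[i]))
            return -1;
        code = code * 10 + (buf[i] - '0');
    }

    /* After the digits only SP, CRLF, or end of buffer may follow.
     * (The grammar requires SP; CR/LF/end are tolerated as an empty
     * Reason-Phrase, which is still unambiguous.) */
    if (i < len && buf[i] != ' ' && buf[i] != '\r' && buf[i] != '\n')
        return -1;

    /* RFC 3261 defines classes 1xx through 6xx only. */
    if (code < 100 || code > 699)
        return -1;

    return code;
}
```

A caller that receives -1 can log and drop the datagram; only a non-negative return means the status code and the rest of the message are safe to interpret as a response.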