[asterisk-bugs] [Asterisk 0010120]: DoS (as a crash or not) when the Call-Id: of successive SUBSCRIBE packets is identical + Authentication
noreply at bugs.digium.com
noreply at bugs.digium.com
Thu Aug 9 10:34:30 CDT 2007
The following issue has been RESOLVED.
======================================================================
http://bugs.digium.com/view.php?id=10120
======================================================================
Reported By: clegall_proformatique
Assigned To: russell
======================================================================
Project: Asterisk
Issue ID: 10120
Category: Channels/chan_sip/Subscriptions
Reproducibility: always
Severity: crash
Priority: normal
Status: resolved
Asterisk Version: 1.2.19
SVN Branch (only for SVN checkouts, not tarball releases): 1.2
SVN Revision (number only!): 69597
Disclaimer on File?: No
Request Review:
Resolution: fixed
Fixed in Version:
======================================================================
Date Submitted: 07-05-2007 12:11 CDT
Last Modified: 08-09-2007 10:34 CDT
======================================================================
Summary: DoS (as a crash or not) when the Call-Id: of
successive SUBSCRIBE packets is identical + Authentication
Description:
This happens on Asterisk versions 1.2.18, 1.2.19 and 1.2.20. Not in
Asterisk 1.4.
Let's consider a SIP account used as a watcher that SUBSCRIBEs with an
application/pidf+xml feature.
If :
- this watcher account has a password defined ("secret" field in
sip.conf)
- the successive SUBSCRIBE packets are sent with the SAME "Call-Id"
field
Once 2 (or more) such SUBSCRIBE packets have been sent, then sooner or
later the Asterisk application will be unavailable, either :
- it will crash (segfault)
- no more SIP call will be issued
Issuing SIP calls meanwhile will speed up this happening.
Maybe this is related to 0009836 ?
======================================================================
----------------------------------------------------------------------
russell - 08-09-07 10:34
----------------------------------------------------------------------
Closing as fixed
Issue History
Date Modified Username Field Change
======================================================================
08-09-07 10:34 russell Status feedback => resolved
08-09-07 10:34 russell Resolution open => fixed
08-09-07 10:34 russell Note Added: 0068661
======================================================================
More information about the asterisk-bugs
mailing list