[asterisk-bugs] [Asterisk 0010120]: DoS (as a crash or not) when the Call-Id: of successive SUBSCRIBE packets is identical + Authentication

noreply at bugs.digium.com noreply at bugs.digium.com
Thu Aug 9 10:34:30 CDT 2007 

The following issue has been RESOLVED. 
====================================================================== 
http://bugs.digium.com/view.php?id=10120 
====================================================================== 
Reported By:                clegall_proformatique
Assigned To:                russell
====================================================================== 
Project:                    Asterisk
Issue ID:                   10120
Category:                   Channels/chan_sip/Subscriptions
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     resolved
Asterisk Version:            1.2.19  
SVN Branch (only for SVN checkouts, not tarball releases):  1.2  
SVN Revision (number only!): 69597 
Disclaimer on File?:        No 
Request Review:              
Resolution:                 fixed
Fixed in Version:           
====================================================================== 
Date Submitted:             07-05-2007 12:11 CDT
Last Modified:              08-09-2007 10:34 CDT
====================================================================== 
Summary:                    DoS (as a crash or not) when the Call-Id: of
successive SUBSCRIBE packets is identical + Authentication
Description: 
This happens on Asterisk versions 1.2.18, 1.2.19 and 1.2.20. Not in
Asterisk 1.4.

Let's consider a SIP account used as a watcher that SUBSCRIBEs with an
application/pidf+xml feature.
If :
 - this watcher account has a password defined ("secret" field in
sip.conf)
 - the successive SUBSCRIBE packets are sent with the SAME "Call-Id"
field

Once 2 (or more) such SUBSCRIBE packets have been sent, then sooner or
later the Asterisk application will be unavailable, either :
 - it will crash (segfault)
 - no more SIP call will be issued

Issuing SIP calls meanwhile will speed up this happening.

Maybe this is related to 0009836 ?

====================================================================== 

---------------------------------------------------------------------- 
 russell - 08-09-07 10:34  
---------------------------------------------------------------------- 
Closing as fixed 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
08-09-07 10:34  russell        Status                   feedback => resolved
08-09-07 10:34  russell        Resolution               open => fixed       
08-09-07 10:34  russell        Note Added: 0068661                          
======================================================================

More information about the asterisk-bugs mailing list