[Asterisk-bugs] [Asterisk 0010120]: DoS (as a crash or not) when the Call-Id: of successive SUBSCRIBE packets is identical + Authentication
noreply at bugs.digium.com
Mon Jul 9 03:15:40 CDT 2007
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=10120
======================================================================
Reported By: clegall_proformatique
Assigned To: russell
======================================================================
Project: Asterisk
Issue ID: 10120
Category: Channels/chan_sip/Subscriptions
Reproducibility: always
Severity: crash
Priority: normal
Status: feedback
Asterisk Version: 1.2.19
SVN Branch (only for SVN checkouts, not tarball releases): 1.2
SVN Revision (number only!): 69597
Disclaimer on File?: No
Request Review:
======================================================================
Date Submitted: 07-05-2007 12:11 CDT
Last Modified: 07-09-2007 03:15 CDT
======================================================================
Summary: DoS (as a crash or not) when the Call-Id: of
successive SUBSCRIBE packets is identical + Authentication
Description:
This happens on Asterisk versions 1.2.18, 1.2.19 and 1.2.20. Not in
Asterisk 1.4.
Let's consider a SIP account used as a watcher that SUBSCRIBEs with an
application/pidf+xml feature.
If:
- this watcher account has a password defined ("secret" field in
sip.conf)
- the successive SUBSCRIBE packets are sent with the SAME "Call-Id"
field
Once 2 (or more) such SUBSCRIBE packets have been sent, then sooner or
later the Asterisk application will be unavailable, either:
- it will crash (segfault)
- no more SIP calls will be issued
Issuing SIP calls meanwhile will speed up this happening.
Maybe this is related to 0009836?
======================================================================
----------------------------------------------------------------------
clegall_proformatique - 07-09-07 03:15
----------------------------------------------------------------------
russell: these last revisions look OK. More than 600 SIP calls succeeded on
the line.
oej: do you want a SIP debug for the failing or for the succeeding
version?
Issue History
Date Modified Username Field Change
======================================================================
07-09-07 03:15 clegall_proformatique Note Added: 0066777
======================================================================