[asterisk-bugs] [Asterisk 0018121]: Early bind of UDPTL ports can create a DoS condition

Asterisk Bug Tracker noreply at bugs.digium.com
Thu Oct 14 15:53:28 CDT 2010 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=18121 
====================================================================== 
Reported By:                ebroad
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   18121
Category:                   Channels/chan_sip/T.38
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     acknowledged
Asterisk Version:           SVN 
JIRA:                       SWP-2360 
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases):  trunk 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2010-10-12 10:11 CDT
Last Modified:              2010-10-14 15:53 CDT
====================================================================== 
Summary:                    Early bind of UDPTL ports can create a DoS condition
Description: 
The issue is that we bind udptl ports early on in the game, in sip_alloc(),
which can exhaust the port limit in udptl.conf quite quickly, when a flood
of invites from a (rogue) scanner with a udptl sdp payload is processed by
Asterisk. Even though the invite is ultimately challenged and/or rejected,
the port is bound, and is not released until the 32 second retry before
destroy window is up, and once all the ports are bound, service will be
denied to legitimate calls; bear in mind we don't do this with voice, video
and text ports.
======================================================================
Relationships       ID      Summary
----------------------------------------------------------------------
related to          0018014 large memory consumption of udptl.c module
related to          0017255 [patch] UDP ports not freed/ports leaking
====================================================================== 

---------------------------------------------------------------------- 
 (0128062) schmidts (manager) - 2010-10-14 15:53
 https://issues.asterisk.org/view.php?id=18121#c128062 
---------------------------------------------------------------------- 
btw nice catch ;) 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2010-10-14 15:53 schmidts       Note Added: 0128062                          
======================================================================

More information about the asterisk-bugs mailing list