[asterisk-bugs] [JIRA] (ASTERISK-25100) asterisk coredump if host has an IPv6 address that end with ::80
Mark Petersen (JIRA)
noreply at issues.asterisk.org
Wed May 20 01:25:32 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-25100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=226281#comment-226281 ]
Mark Petersen commented on ASTERISK-25100:
------------------------------------------
This can be used in a DOS attack
if you use host=dynamic and a peer registre from an IP that end on ::80 you can remotely crash asterisk
(Restricted to Confluence Users group)
> asterisk coredump if host has an IPv6 address that end with ::80
> ----------------------------------------------------------------
>
> Key: ASTERISK-25100
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25100
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/IPv6
> Affects Versions: 11.17.1, 13.3.2
> Environment: CentOS release 6.6 (Final) 64bit
> Reporter: Mark Petersen
> Severity: Critical
> Attachments: asterisk bt full.txt, asterisk thread apply all bt.txt, sip.conf
>
>
> if you have a host in sip.conf the end with ::80 asterisk will crash on reload and it will also not start with that address, as soon as you change it to something else, asterisk work as expected
> Program received signal SIGSEGV, Segmentation fault.
> 0x000000000045f96c in hash_ao2_iterator_next (self=0x21babe8, node=0x100000001, flags=0) at astobj2_hash.c:694
> 694 if (node->common.obj) {
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list