[asterisk-bugs] [JIRA] (ASTERISK-25100) asterisk coredump if host has an IPv6 address that end with ::80

Mark Petersen (JIRA) noreply at issues.asterisk.org
Wed May 20 01:25:32 CDT 2015


    [ https://issues.asterisk.org/jira/browse/ASTERISK-25100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=226281#comment-226281 ] 

Mark Petersen commented on ASTERISK-25100:
------------------------------------------

This can be used in a DOS attack
if you use host=dynamic and a peer registre from an IP that end on ::80 you can remotely crash asterisk
(Restricted to Confluence Users group)
> asterisk coredump if host has an IPv6 address that end with ::80
> ----------------------------------------------------------------
>
>                 Key: ASTERISK-25100
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25100
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/IPv6
>    Affects Versions: 11.17.1, 13.3.2
>         Environment: CentOS release 6.6 (Final) 64bit
>            Reporter: Mark Petersen
>            Severity: Critical
>         Attachments: asterisk bt full.txt, asterisk thread apply all bt.txt, sip.conf
>
>
> if you have a host in sip.conf the end with ::80 asterisk will crash on reload and it will also not start with that address, as soon as you change it to something else, asterisk work as expected
> Program received signal SIGSEGV, Segmentation fault.
> 0x000000000045f96c in hash_ao2_iterator_next (self=0x21babe8, node=0x100000001, flags=0) at astobj2_hash.c:694
> 694					if (node->common.obj) {



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list