[asterisk-security] AST-2009-010: RTP Remote Crash Vulnerability

Asterisk Security Team security at asterisk.org
Mon Nov 30 15:58:49 CST 2009


               Asterisk Project Security Advisory - AST-2009-010

   +------------------------------------------------------------------------+
   |       Product        | Asterisk                                        |
   |----------------------+-------------------------------------------------|
   |       Summary        | RTP Remote Crash Vulnerability                  |
   |----------------------+-------------------------------------------------|
   |  Nature of Advisory  | Denial of Service                               |
   |----------------------+-------------------------------------------------|
   |    Susceptibility    | Remote unauthenticated sessions                 |
   |----------------------+-------------------------------------------------|
   |       Severity       | Critical                                        |
   |----------------------+-------------------------------------------------|
   |    Exploits Known    | No                                              |
   |----------------------+-------------------------------------------------|
   |     Reported On      | November 13, 2009                               |
   |----------------------+-------------------------------------------------|
   |     Reported By      | issues.asterisk.org user amorsen                |
   |----------------------+-------------------------------------------------|
   |      Posted On       | November 30, 2009                               |
   |----------------------+-------------------------------------------------|
   |   Last Updated On    | November 30, 2009                               |
   |----------------------+-------------------------------------------------|
   |   Advisory Contact   | David Vossel < dvossel AT digium DOT com >      |
   |----------------------+-------------------------------------------------|
   |       CVE Name       | CVE-2009-4055                                   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | An attacker sending a valid RTP comfort noise payload    |
   |             | containing a data length of 24 bytes or greater can      |
   |             | remotely crash Asterisk.                                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Upgrade to one of the versions of Asterisk listed in the  |
   |            | "Corrected In" section, or apply a patch specified in the |
   |            | "Patches" section.                                        |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |             Product              | Release Series |                    |
   |----------------------------------+----------------+--------------------|
   |       Asterisk Open Source       |     1.2.x      | All versions       |
   |----------------------------------+----------------+--------------------|
   |       Asterisk Open Source       |     1.4.x      | All versions       |
   |----------------------------------+----------------+--------------------|
   |       Asterisk Open Source       |     1.6.x      | All versions       |
   |----------------------------------+----------------+--------------------|
   |    Asterisk Business Edition     |     B.x.x      | All versions       |
   |----------------------------------+----------------+--------------------|
   |    Asterisk Business Edition     |     C.x.x      | All versions       |
   |----------------------------------+----------------+--------------------|
   |    s800i (Asterisk Appliance)    |     1.3.x      | All versions       |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |                   Product                   |         Release          |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |          1.2.37          |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |         1.4.27.1         |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |         1.6.0.19         |
   |---------------------------------------------+--------------------------|
   |            Asterisk Open Source             |         1.6.1.11         |
   |---------------------------------------------+--------------------------|
   |          Asterisk Business Edition          |         B.2.5.13         |
   |---------------------------------------------+--------------------------|
   |          Asterisk Business Edition          |         C.2.4.6          |
   |---------------------------------------------+--------------------------|
   |          Asterisk Business Edition          |         C.3.2.3          |
   |---------------------------------------------+--------------------------|
   |         S800i (Asterisk Appliance)          |         1.3.0.6          |
   +------------------------------------------------------------------------+

 +-----------------------------------------------------------------------------+
 |                                   Patches                                   |
 |-----------------------------------------------------------------------------|
 |                                 Link                                 |Branch|
 |----------------------------------------------------------------------+------|
 |http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt  |1.2   |
 |----------------------------------------------------------------------+------|
 |http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt  |1.4   |
 |----------------------------------------------------------------------+------|
 |http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt|1.6.0 |
 |----------------------------------------------------------------------+------|
 |http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt|1.6.1 |
 +-----------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |     Links      | https://issues.asterisk.org/view.php?id=16242         |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security                                       |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/security/AST-2009-010.pdf and          |
   | http://downloads.digium.com/pub/security/AST-2009-010.html             |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |       Date       |       Editor        |        Revisions Made         |
   |------------------+---------------------+-------------------------------|
   | 2009-09-03       | David Vossel        | Initial release               |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2009-010
              Copyright (c) 2009 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.




More information about the asterisk-security mailing list