[Asterisk-Users] Asterisk Security vulnerability report

Michael Sandee ms at zeelandnet.nl
Thu Sep 11 00:42:42 MST 2003


What do you think a segfault is, eh? Please learn the basics before 
commenting on this. As the advisory clearly points out, you can fully 
overwrite the saved return address. Depending on the system you use (by 
default on Linux/FreeBSD all are possible) you can either alter the 
execution thread, execute arbitrary code on the stack (or other place 
where the user can inject code) and/or launch a ret-to-libc attack. 
Those are very trivial to do in case of a stack based buffer overflow 
(as this is). So stop this nonsense by doubting an advisory by a well 
known group.

Maybe you should be happy that people actually audit the code now 
instead of blackhats creating private exploits and gaining access to 
your * production machine and using it to wardial at other machines... 
Good luck with defending yourself in court if that happens. And let's not 
start the Full/No-Disclosure discussion again...

ms

Brian West wrote:

>Because, as the advisory pointed out, it "could" happen.  The likely thing
>to happen would be a segfault.  Then again it should have been pointed out
>instead of silently updated.
>
>bkw
>
>On Wed, 10 Sep 2003, Michael Sandee wrote:
>
>>'proven'? Why post this bs... read the advisory, it clearly shows they made
>>one and tested it. Second, it's trivial to make one if you see what is wrong
>>in the code.
>>
>>Original advisory should have been posted here at the date of release,
>>or announced by someone, but it wasn't... I guess some people are too
>>busy, can't blame them.
>>
>>Brian West wrote:
>>
>>>Also it wasn't a proven exploit.  They said it "could allow an attacker to
>>>obtain remote and unauthenticated access".  And if pigs "could" fly I
>>>would be a rich man!
>>>
>>>bkw
>>>
>>>
>>>>Read the security vulnerability.  It referenced CVS as of a certain
>>>>date.  If you aren't keeping up with CVS changes, why are you running
>>>>CVS at all?
>>>>
>>>>-Tilghman
>>>>
>>>>_______________________________________________
>>>>Asterisk-Users mailing list
>>>>Asterisk-Users at lists.digium.com
>>>>http://lists.digium.com/mailman/listinfo/asterisk-users
>>>>
