Re: [Full-disclosure] AST-2010-001: T.38 Remote Crash Vulnerability
- To: Asterisk Security Team <security@xxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] AST-2010-001: T.38 Remote Crash Vulnerability
- From: Jeff Williams <jeffwillis30@xxxxxxxxx>
- Date: Wed, 3 Feb 2010 10:12:49 +1100
You deserve a pwnie award for the worst advisory template.
2010/2/3 Asterisk Security Team <security@xxxxxxxxxxxx>
> Asterisk Project Security Advisory - AST-2010-001
>
> +----------------------+-------------------------------------------------+
> | Product              | Asterisk                                        |
> |----------------------+-------------------------------------------------|
> | Summary              | T.38 Remote Crash Vulnerability                 |
> |----------------------+-------------------------------------------------|
> | Nature of Advisory   | Denial of Service                               |
> |----------------------+-------------------------------------------------|
> | Susceptibility       | Remote unauthenticated sessions                 |
> |----------------------+-------------------------------------------------|
> | Severity             | Critical                                        |
> |----------------------+-------------------------------------------------|
> | Exploits Known       | No                                              |
> |----------------------+-------------------------------------------------|
> | Reported On          | 12/03/09                                        |
> |----------------------+-------------------------------------------------|
> | Reported By          | issues.asterisk.org users bklang and elsto      |
> |----------------------+-------------------------------------------------|
> | Posted On            | 02/03/10                                        |
> |----------------------+-------------------------------------------------|
> | Last Updated On      | February 2, 2010                                |
> |----------------------+-------------------------------------------------|
> | Advisory Contact     | David Vossel < dvossel AT digium DOT com >      |
> |----------------------+-------------------------------------------------|
> | CVE Name             | CVE-2010-0441                                   |
> +----------------------+-------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Description | An attacker attempting to negotiate T.38 over SIP can    |
> |             | remotely crash Asterisk by modifying the FaxMaxDatagram  |
> |             | field of the SDP to contain either a negative or         |
> |             | exceptionally large value. The same crash occurs when    |
> |             | the FaxMaxDatagram field is omitted from the SDP as      |
> |             | well.                                                    |
> +------------------------------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Resolution | Upgrade to one of the versions of Asterisk listed in the  |
> |            | "Corrected In" section, or apply a patch specified in the |
> |            | "Patches" section.                                        |
> +------------------------------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Affected Versions                                                      |
> |------------------------------------------------------------------------|
> | Product                          | Release Series |                    |
> |----------------------------------+----------------+--------------------|
> | Asterisk Open Source             | 1.6.x          | All versions       |
> |----------------------------------+----------------+--------------------|
> | Asterisk Business Edition        | C.3            | All versions       |
> +------------------------------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Corrected In                                                           |
> |------------------------------------------------------------------------|
> | Product                                  | Release                     |
> |------------------------------------------+-----------------------------|
> | Asterisk Open Source                     | 1.6.0.22                    |
> |------------------------------------------+-----------------------------|
> | Asterisk Open Source                     | 1.6.1.14                    |
> |------------------------------------------+-----------------------------|
> | Asterisk Open Source                     | 1.6.2.2                     |
> |------------------------------------------+-----------------------------|
> |                                          | C.3.3.2                     |
> +------------------------------------------------------------------------+
>
> +-------------------------------------------------------------------------+
> | Patches                                                                 |
> |-------------------------------------------------------------------------|
> | SVN URL                                                          |Branch|
> |------------------------------------------------------------------+------|
> |http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff|v1.6.0|
> |------------------------------------------------------------------+------|
> |http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff|v1.6.1|
> |------------------------------------------------------------------+------|
> |http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff|v1.6.2|
> +-------------------------------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Links | https://issues.asterisk.org/view.php?id=16634                  |
> |       | https://issues.asterisk.org/view.php?id=16724                  |
> |       | https://issues.asterisk.org/view.php?id=16517                  |
> +------------------------------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Asterisk Project Security Advisories are posted at                     |
> | http://www.asterisk.org/security                                       |
> |                                                                        |
> | This document may be superseded by later versions; if so, the latest   |
> | version will be posted at                                              |
> | http://downloads.digium.com/pub/security/.pdf and                      |
> | http://downloads.digium.com/pub/security/.html                         |
> +------------------------------------------------------------------------+
>
> +------------------------------------------------------------------------+
> | Revision History                                                       |
> |------------------------------------------------------------------------|
> | Date           | Editor               | Revisions Made                 |
> |----------------+----------------------+--------------------------------|
> | 02/02/10       | David Vossel         | Initial release                |
> +------------------------------------------------------------------------+
>
> Asterisk Project Security Advisory - AST-2010-001
> Copyright (c) 2010 Digium, Inc. All Rights Reserved.
> Permission is hereby granted to distribute and publish this advisory in
> its original, unaltered form.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
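The defensive side of the bug the quoted advisory describes: an SDP attribute parser that refuses a negative, oversized, empty or non-numeric FaxMaxDatagram value and falls back to a sane default when the attribute is absent, so that no unchecked size reaches the fax stack. This is an added illustration written for this page, not Asterisk's code or the fix in the linked patches; it assumes the attribute appears as the standard T.38 SDP line a=T38FaxMaxDatagram:<n>, and the numeric bounds and default are illustrative choices.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
/* Bounds are assumptions for this example, not Asterisk's own values. */
#define T38_MAX_DATAGRAM_LIMIT   65535 /* larger than any UDP payload */
#define T38_DEFAULT_MAX_DATAGRAM 400   /* fallback when the attribute is absent */
enum t38_parse_result { T38_OK = 0, T38_ABSENT = 1, T38_INVALID = -1 };

/* Scan an SDP body for "a=T38FaxMaxDatagram:<n>". *out receives a validated value
 * (or the default when absent). T38_INVALID: empty, non-numeric, <= 0 or too large. */
enum t38_parse_result parse_t38_max_datagram(const char *sdp, int *out)
{
    static const char key[] = "a=T38FaxMaxDatagram:";
    const size_t klen = sizeof(key) - 1;
    const char *line = sdp;
    *out = T38_DEFAULT_MAX_DATAGRAM;
    while (line && *line) {
        const char *eol = strpbrk(line, "\r\n");
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len >= klen && strncmp(line, key, klen) == 0) {
            char buf[32], *end; long v; size_t vlen = len - klen;
            if (vlen >= sizeof(buf)) return T38_INVALID; /* absurd digit run */
            memcpy(buf, line + klen, vlen);
            buf[vlen] = '\0';
            errno = 0;
            v = strtol(buf, &end, 10);   /* accepts '-', reports overflow via errno */
            if (errno != 0 || end == buf || *end != '\0') return T38_INVALID;
            if (v <= 0 || v > T38_MAX_DATAGRAM_LIMIT) return T38_INVALID;
            *out = (int)v;
            return T38_OK;
        }
        if (!eol) break;
        for (line = eol; *line == '\r' || *line == '\n'; line++) {}
    }
    return T38_ABSENT;
}

/* Size the caller may use, or -1 when the offer must be rejected instead of
 * letting a bad size reach the fax stack. */
int effective_t38_max_datagram(const char *sdp)
{
    int v;
    return parse_t38_max_datagram(sdp, &v) == T38_INVALID ? -1 : v;
}
/* Constructed sample offers (not captured traffic). */
static const char SDP_GOOD[]    = "v=0\r\nm=image 4000 udptl t38\r\na=T38FaxMaxDatagram:200\r\n";
static const char SDP_NEG[]     = "v=0\r\nm=image 4000 udptl t38\r\na=T38FaxMaxDatagram:-1\r\n";
static const char SDP_HUGE[]    = "v=0\r\nm=image 4000 udptl t38\r\na=T38FaxMaxDatagram:99999999999999999999\r\n";
static const char SDP_MISSING[] = "v=0\r\nm=image 4000 udptl t38\r\na=T38FaxRateManagement:transferredTCF\r\n";
```

The three rejected shapes (negative, overflowing, missing) are exactly the three cases the advisory says crashed unpatched 1.6.x; the missing case is the one most easily overlooked because it needs a default rather than a range check.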