OSVDB ID: 29972

Title: Asterisk Skinny Channel Driver (chan_skinny) get_input Function Remote Overflow

Info

Disclosure
Oct 18, 2006

Discovery
Unknown

Dates

Exploit
Oct 19, 2006

Solution
Unknown

Description

 A remote overflow exists in Asterisk. The function get_input in chan_skinny.c fails to check integer values resulting in a heap overflow. With a specially crafted request, an attacker can cause the service to terminate or possibly execute arbitrary code.

Classification

 Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

 Upgrade to version 1.0.12 or 1.2.13 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Digium

Asterisk

 1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
1.0.10
1.0.11
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.2.10
1.2.11
1.2.12

References

Credit
  • Adam Boileau - adam.boileausecurity-assessment.com - Security-Assessment.com


Direct URL: http://osvdb.org/29972