Info

Disclosure

Mar 04, 2007

Discovery

Unknown

Dates

Exploit

Mar 04, 2007

Solution

Unknown

Description

Asterisk PBX contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed SIP REGISTER packet is sent to the affected application without a SIP URI and version header in the request. This will result in a null pointer dereference and a loss of availability for the Asterisk PBX service.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to Asterisk PBX release 1.4.1 or 1.2.16 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Asterisk	Asterisk	1.4.0
		1.2.15
		1.2.14
		1.2.13
		1.2.12.1
		1.2.12
		1.2.11
		1.2.10
		1.2.9.1
		1.2.9
		1.2.8
		1.2.7.1
		1.2.7
		1.2.6
		1.2.5
		1.2.4
		1.2.3
		1.2.2
		1.2.1
		1.2.0
		1.2.0-beta1
		1.2.0-beta2
		1.2.0-rc1
		1.2.0-rc2
		1.4.0-beta1
		1.4.0-beta2
		1.4.0-beta3
		1.4.0-beta4

References

Security Tracker: 1017723
CVE ID: 2007-1306 (see also: NVD)
CERT VU: 228032
Bugtraq ID: 22838
Secunia Advisory ID: 24380 24578 25582 26602
ISS X-Force ID: 32830
Milw0rm: 3407
Exploit Database: 3407
VUPEN Advisory: ADV-2007-0830
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0029.html
Vendor Specific News/Changelog Entry: http://asterisk.org/node/48319
http://asterisk.org/node/48320
Other Advisory URL: http://labs.musecurity.com/advisories/MU-200703-01.txt
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00120.html
http://lists.suse.com/archive/suse-security-announce/2007-Jun/0003.html
http://www.gentoo.org/security/en/glsa/glsa-200703-14.xml
Generic Exploit URL: http://packetstormsecurity.org/0703-exploits/asterisk-sip-kill.c

Credit

Mu Security - -

Direct URL: http://osvdb.org/33888