OSVDB ID: 35369

Title: Asterisk Manager Interface Passwordless User MD5 Authentication DoS

Info

Dates

Disclosure: Apr 25, 2007
Discovery: Unknown
Exploit: Apr 25, 2007
Solution: Unknown

Description

A remote vulnerability exists in multiple Asterisk releases. The Manager Interface fails to properly verify user-supplied input, resulting in a NULL pointer dereference. With a specially crafted MD5 login request, an attacker can cause a denial of service, resulting in a loss of availability for the application.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to Asterisk 1.2.18 or 1.4.3, Asterisk Business Edition B.1.3.3, AsteriskNOW Beta6 and Asterisk Appliance Developer Kit 0.4.0 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Digium

Asterisk

1.0.x
1.4.2
1.4.1
1.4.0-beta1
1.4.0-beta2
1.4.0-beta3
1.4.0-beta4
1.4.0
1.2.17
1.2.16
1.2.15
1.2.14
1.2.13
1.2.12.1
1.2.12
1.2.11
1.2.10
1.2.9.1
1.2.9
1.2.8
1.2.7.1
1.2.7
1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.2.0-beta1
1.2.0-beta2
1.2.0rc1
1.2.0rc2

Asterisk Appliance Developer Kit

0.2.0
0.3.2a

AsteriskNOW

beta5

Asterisk Business Edition

A.x.x
B.1.3

Credit

  • Michael Spruel - L.A. Fitness International
  • Jeremy Lee - L.A. Fitness International
  • Peter Nguyen - L.A. Fitness International
Direct URL: http://osvdb.org/35369