RTP s800i 1.3.0.4 Remote Crash Vulnerability

2009-12-02 / 2009-12-03
Credit: Asterisk Security Team
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2009-4055
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

Asterisk Project Security Advisory - AST-2009-010 +----------------------------------------------------------------------- -+ | Product | Asterisk | |----------------------+------------------------------------------------ -| | Summary | RTP Remote Crash Vulnerability | |----------------------+------------------------------------------------ -| | Nature of Advisory | Denial of Service | |----------------------+------------------------------------------------ -| | Susceptibility | Remote unauthenticated sessions | |----------------------+------------------------------------------------ -| | Severity | Critical | |----------------------+------------------------------------------------ -| | Exploits Known | No | |----------------------+------------------------------------------------ -| | Reported On | November 13, 2009 | |----------------------+------------------------------------------------ -| | Reported By | issues.asterisk.org user amorsen | |----------------------+------------------------------------------------ -| | Posted On | November 30, 2009 | |----------------------+------------------------------------------------ -| | Last Updated On | November 30, 2009 | |----------------------+------------------------------------------------ -| | Advisory Contact | David Vossel < dvossel AT digium DOT com > | |----------------------+------------------------------------------------ -| | CVE Name | CVE-2009-4055 | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- -+ | Description | An attacker sending a valid RTP comfort noise payload | | | containing a data length of 24 bytes or greater can | | | remotely crash Asterisk. | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- -+ | Resolution | Upgrade to one of the versions of Asterisk listed in the | | | "Corrected In" section, or apply a patch specified in the | | | "Patches" section. | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- -+ | Affected Versions | |----------------------------------------------------------------------- -| | Product | Release Series | | |----------------------------------+----------------+------------------- -| | Asterisk Open Source | 1.2.x | All versions | |----------------------------------+----------------+------------------- -| | Asterisk Open Source | 1.4.x | All versions | |----------------------------------+----------------+------------------- -| | Asterisk Open Source | 1.6.x | All versions | |----------------------------------+----------------+------------------- -| | Asterisk Business Edition | B.x.x | All versions | |----------------------------------+----------------+------------------- -| | Asterisk Business Edition | C.x.x | All versions | |----------------------------------+----------------+------------------- -| | s800i (Asterisk Appliance) | 1.3.x | All versions | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- -+ | Corrected In | |----------------------------------------------------------------------- -| | Product | Release | |---------------------------------------------+------------------------- -| | Asterisk Open Source | 1.2.37 | |---------------------------------------------+------------------------- -| | Asterisk Open Source | 1.4.27.1 | |---------------------------------------------+------------------------- -| | Asterisk Open Source | 1.6.0.19 | |---------------------------------------------+------------------------- -| | Asterisk Open Source | 1.6.1.11 | |---------------------------------------------+------------------------- -| | Asterisk Business Edition | B.2.5.13 | |---------------------------------------------+------------------------- -| | Asterisk Business Edition | C.2.4.6 | |---------------------------------------------+------------------------- -| | Asterisk Business Edition | C.3.2.3 | |---------------------------------------------+------------------------- -| | S800i (Asterisk Appliance) | 1.3.0.6 | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- ------+ | Patches | |----------------------------------------------------------------------- ------| | Link |Branch| |----------------------------------------------------------------------+ ------| |http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt |1.2 | |----------------------------------------------------------------------+ ------| |http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt |1.4 | |----------------------------------------------------------------------+ ------| |http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt| 1.6.0 | |----------------------------------------------------------------------+ ------| |http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt| 1.6.1 | +----------------------------------------------------------------------- ------+ +----------------------------------------------------------------------- -+ | Links | https://issues.asterisk.org/view.php?id=16242 | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- -+ | Asterisk Project Security Advisories are posted at | | http://www.asterisk.org/security | | | | This document may be superseded by later versions; if so, the latest | | version will be posted at | | http://downloads.digium.com/pub/security/AST-2009-010.pdf and | | http://downloads.digium.com/pub/security/AST-2009-010.html | +----------------------------------------------------------------------- -+ +----------------------------------------------------------------------- -+ | Revision History | |----------------------------------------------------------------------- -| | Date | Editor | Revisions Made | |------------------+---------------------+------------------------------ -| | 2009-09-03 | David Vossel | Initial release | +----------------------------------------------------------------------- -+ Asterisk Project Security Advisory - AST-2009-010 Copyright (c) 2009 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.

References:

https://issues.asterisk.org/view.php?id=16242
http://xforce.iss.net/xforce/xfdb/54471
http://www.vupen.com/english/advisories/2009/3368
http://www.securityfocus.com/bid/37153
http://www.securityfocus.com/archive/1/archive/1/508147/100/0/threaded
http://www.osvdb.org/60569
http://securitytracker.com/id?1023249
http://downloads.digium.com/pub/security/AST-2009-010.html
http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt
http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt
http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt
http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top