lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1WN7PZ-0007My-AD@mail.digium.com>
Date: Mon, 10 Mar 2014 16:07:01 -0500
From: "Asterisk Security Team" <security@...erisk.org>
To: full-disclosure@...ts.grok.org.uk
Subject: AST-2014-003: Remote Crash Vulnerability in PJSIP
	channel driver

               Asterisk Project Security Advisory - AST-2014-003

          Product        Asterisk                                             
          Summary        Remote Crash Vulnerability in PJSIP channel driver   
    Nature of Advisory   Denial of Service                                    
      Susceptibility     Remote Unauthenticated Sessions                      
         Severity        Moderate                                             
      Exploits Known     No                                                   
        Reported On      January 29, 2014                                     
        Reported By      Joshua Colp <jcolp AT digium DOT com>                
         Posted On       March 10, 2014                                       
      Last Updated On    March 10, 2014                                       
     Advisory Contact    Joshua Colp <jcolp AT digium DOT com>                
         CVE Name        CVE-2014-2288                                        

    Description  A remotely exploitable crash vulnerability exists in the     
                 PJSIP channel driver if the "qualify_frequency"              
                 configuration option is enabled on an AOR and the remote     
                 SIP server challenges for authentication of the resulting    
                 OPTIONS request. The response handling code wrongly assumes  
                 that a PJSIP endpoint will always be associated with an      
                 outgoing request which is incorrect.                         

    Resolution  This patch adds a check when handling responses challenging   
                for authentication. If no endpoint is associated with the     
                request no retry with authentication will occur.              

                               Affected Versions
                 Product               Release Series  
          Asterisk Open Source              12.x       All                    

                                  Corrected In    
                      Product                              Release            
             Asterisk Open Source 12.x                      12.1.1            

                                    Patches                        
                               SVN URL                              Revision  
   http://downloads.asterisk.org/pub/security/AST-2014-003-12.diff Asterisk   
                                                                   12         

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-23210       

    Asterisk Project Security Advisories are posted at                        
    http://www.asterisk.org/security                                          
                                                                              
    This document may be superseded by later versions; if so, the latest      
    version will be posted at                                                 
    http://downloads.digium.com/pub/security/AST-2014-003.pdf and             
    http://downloads.digium.com/pub/security/AST-2014-003.html                

                                Revision History
          Date                 Editor                  Revisions Made         
    03/05/14           Joshua Colp              Document Creation             

               Asterisk Project Security Advisory - AST-2014-003
              Copyright (c) 2014 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ