SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (VoIP)  >   Asterisk Vendors:   Digium (Linux Support Services)
Asterisk File Descriptor Leak Lets Remote Authenticated Users Deny Service
SecurityTracker Alert ID:  1031661
SecurityTracker URL:  http://securitytracker.com/id/1031661
CVE Reference:   CVE-2015-1558   (Links to External Site)
Updated:  Feb 18 2015
Original Entry Date:  Jan 29 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 12.8.1, 13.1.1
Description:   A vulnerability was reported in Asterisk. A remote authenticated user can cause denial of service conditions.

A remote authenticated user can send an SDP offer that lists codecs not allowed by Asterisk to consume RTP ports on the target system.

The PJSIP channel driver is affected.

The vendor was notified on January 6, 2015.

Y Ateya reported this vulnerability.

Impact:   A remote authenticated user can consume RTP ports on the target system.
Solution:   The vendor has issued a fix (12.8.1, 13.1.1).

The vendor's advisory is available at:

http://downloads.digium.com/pub/security/AST-2015-001.html

Vendor URL:  downloads.digium.com/pub/security/AST-2015-001.html (Links to External Site)
Cause:   Resource error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  [FD] AST-2015-001: File descriptor leak when incompatible codecs are offered

               Asterisk Project Security Advisory - AST-2015-001

         Product        Asterisk                                              
         Summary        File descriptor leak when incompatible codecs are     
                        offered                                               
    Nature of Advisory  Resource exhaustion                                   
      Susceptibility    Remote Authenticated Sessions                         
         Severity       Major                                                 
      Exploits Known    No                                                    
       Reported On      6 January, 2015                                       
       Reported By      Y Ateya                                               
        Posted On       9 January, 2015                                       
     Last Updated On    January 28, 2015                                      
     Advisory Contact   Mark Michelson <mmichelson AT digium DOT com>         
         CVE Name       Pending                                               

    Description  Asterisk may be configured to only allow specific audio or   
                 video codecs to be used when communicating with a            
                 particular endpoint. When an endpoint sends an SDP offer     
                 that only lists codecs not allowed by Asterisk, the offer    
                 is rejected. However, in this case, RTP ports that are       
                 allocated in the process are not reclaimed.                  
                                                                              
                 This issue only affects the PJSIP channel driver in          
                 Asterisk. Users of the chan_sip channel driver are not       
                 affected.                                                    
                                                                              
                 As the resources are allocated after authentication, this    
                 issue only affects communications with authenticated         
                 endpoints.                                                   

    Resolution  The reported leak has been patched.                           

                               Affected Versions       
                         Product                       Release  
                                                       Series   
                  Asterisk Open Source                  1.8.x   Unaffected    
                  Asterisk Open Source                  11.x    Unaffected    
                  Asterisk Open Source                  12.x    All versions  
                  Asterisk Open Source                  13.x    All versions  
                   Certified Asterisk                  1.8.28   Unaffected    
                   Certified Asterisk                   11.6    Unaffected    

                                  Corrected In                
                            Product                              Release      
                      Asterisk Open Source                    12.8.1, 13.1.1  

                                    Patches                          
                                SVN URL                              Revision 
   http://downloads.asterisk.org/pub/security/AST-2015-001-12.diff   Asterisk 
                                                                     12       
   http://downloads.asterisk.org/pub/security/AST-2015-001-13.diff   Asterisk 
                                                                     13       

    Links  https://issues.asterisk.org/jira/browse/ASTERISK-24666             

    Asterisk Project Security Advisories are posted at                        
    http://www.asterisk.org/security                                          
                                                                              
    This document may be superseded by later versions; if so, the latest      
    version will be posted at                                                 
    http://downloads.digium.com/pub/security/AST-2015-001.pdf and             
    http://downloads.digium.com/pub/security/AST-2015-001.html                

                                Revision History
         Date            Editor                  Revisions Made               
    9 January, 2015  Mark Michelson  Initial creation                         

               Asterisk Project Security Advisory - AST-2015-001
              Copyright (c) 2015 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC