Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Asterisk :: bu-1690.htm

T.38 Remote Crash Vulnerability



AST-2010-001: T.38 Remote Crash Vulnerability
AST-2010-001: T.38 Remote Crash Vulnerability



               Asterisk Project Security Advisory - AST-2010-001

   +------------------------------------------------------------------------+
   |       Product        | Asterisk                                        |
   |----------------------+-------------------------------------------------|
   |       Summary        | T.38 Remote Crash Vulnerability                 |
   |----------------------+-------------------------------------------------|
   |  Nature of Advisory  | Denial of Service                               |
   |----------------------+-------------------------------------------------|
   |    Susceptibility    | Remote unauthenticated sessions                 |
   |----------------------+-------------------------------------------------|
   |       Severity       | Critical                                        |
   |----------------------+-------------------------------------------------|
   |    Exploits Known    | No                                              |
   |----------------------+-------------------------------------------------|
   |     Reported On      | 12/03/09                                        |
   |----------------------+-------------------------------------------------|
   |     Reported By      | issues.asterisk.org users bklang and elsto      |
   |----------------------+-------------------------------------------------|
   |      Posted On       | 02/03/10                                        |
   |----------------------+-------------------------------------------------|
   |   Last Updated On    | February 2, 2010                                |
   |----------------------+-------------------------------------------------|
   |   Advisory Contact   | David Vossel < dvossel AT digium DOT com >      |
   |----------------------+-------------------------------------------------|
   |       CVE Name       | CVE-2010-0441                                   |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | An attacker attempting to negotiate T.38 over SIP can    |
   |             | remotely crash Asterisk by modifying the FaxMaxDatagram  |
   |             | field of the SDP to contain either a negative or         |
   |             | exceptionally large value. The same crash occurs when    |
   |             | the FaxMaxDatagram field is omitted from the SDP as      |
   |             | well.                                                    |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Upgrade to one of the versions of Asterisk listed in the  |
   |            | "Corrected In" section, or apply a patch specified in the |
   |            | "Patches" section.                                        |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |             Product              | Release Series |                    |
   |----------------------------------+----------------+--------------------|
   |       Asterisk Open Source       |     1.6.x      | All versions       |
   |----------------------------------+----------------+--------------------|
   |    Asterisk Business Edition     |      C.3       | All versions       |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |                 Product                  |           Release           |
   |------------------------------------------+-----------------------------|
   |           Asterisk Open Source           |          1.6.0.22           |
   |------------------------------------------+-----------------------------|
   |           Asterisk Open Source           |          1.6.1.14           |
   |------------------------------------------+-----------------------------|
   |           Asterisk Open Source           |           1.6.2.2           |
   |------------------------------------------+-----------------------------|
   |                                          |           C.3.3.2           |
   +------------------------------------------------------------------------+

   +-------------------------------------------------------------------------+
   |                                 Patches                                 |
   |-------------------------------------------------------------------------|
   |                             SVN URL                              |Branch|
   |------------------------------------------------------------------+------|
|http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff|v1.6.0| 
   |------------------------------------------------------------------+------|
|http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff|v1.6.1| 
   |------------------------------------------------------------------+------|
|http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff|v1.6.2| 
   +-------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |     Links      | https://issues.asterisk.org/view.php?id=16634         |
   |                |                                                       |
   |                | https://issues.asterisk.org/view.php?id=16724         |
   |                |                                                       |
   |                | https://issues.asterisk.org/view.php?id=16517         |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
| http://www.asterisk.org/security | 
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
| http://downloads.digium.com/pub/security/.pdf and | 
| http://downloads.digium.com/pub/security/.html | 
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |      Date      |        Editor        |         Revisions Made         |
   |----------------+----------------------+--------------------------------|
   | 02/02/10       | David Vossel         | Initial release                |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2010-001
              Copyright (c) 2010 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH