|
Asterisk IAX2 Handshake Denial of Service
|
|
|
|
|
Secunia Advisory:
|
SA29927
|
|
|
Release Date:
|
2008-04-23
|
|
Last Update:
|
2008-04-28
|
|
|
Critical:
|

Less critical
|
|
Impact:
|
DoS
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Asterisk 1.x Asterisk Appliance Developer Kit 0.x Asterisk Business Edition 2.x
|
| | CVE reference: | CVE-2008-1897 (Secunia mirror) CVE-2008-1923 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS! |
|
|
Description: A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to improper verification of ACK responses during IAX2 handshakes, which can be exploited to spoof an IAX2 handshake and cause a DoS via high bandwidth usage.
The vulnerability is reported in the following versions:
* Asterisk Open Source 1.0.x (all versions)
* Asterisk Open Source 1.2.x (all versions prior to 1.2.28)
* Asterisk Open Source 1.4.x (all versions prior to 1.4.19.1)
* Asterisk Business Edition A.x.x (all versions)
* Asterisk Business Edition B.x.x (all versions prior to B.2.5.2)
* Asterisk Business Edition C.x.x (all versions prior to C.1.8.1)
* AsteriskNOW 1.0.x (all versions prior to 1.0.3)
* Asterisk Appliance Developer Kit 0.x.x (all versions)
* s800i (Asterisk Appliance) 1.0.x (all versions prior to 1.1.0.3)
Solution: Asterisk Open Source 1.2.x:
Fixed in 1.2.28.
Asterisk Open Source 1.4.x:
Fixed in 1.4.19.1.
Asterisk Business Edition B.x.x:
Fixed in B.2.5.2
Asterisk Business Edition C.x.x:
Fixed in C.1.8.1.
AsteriskNOW:
Fixed in 1.0.3.
s800i (Asterisk Appliance):
Fixed in 1.1.0.3.
Provided and/or discovered by: Joel R. Voss a.k.a. Javantea
Changelog: 2008-04-28: Added CVE reference.
Original Advisory: Asterisk:
http://downloads.digium.com/pub/security/AST-2008-006.html
AltSci:
https://www.altsci.com/concepts/page.php?s=asteri&p=2
Extended Solution: The "Extended Solution" section is available for Secunia customers only. Request a trial and get access to the Secunia Customer Area and Extended Secunia advisories.
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
28 Related Secunia Security Advisories, displaying 10
|
|
|
1. Asterisk "pedantic" SIP Processing Denial of Service
|
|
2. Asterisk Predictable HTTP Manager ID Weakness
|
|
3. Asterisk Multiple Vulnerabilities
|
|
4. Asterisk "BYE/Also" Denial of Service Vulnerability
|
|
5. Asterisk Registration Database Security Bypass
|
|
6. Asterisk Postgres Realtime Engine SQL Injection
|
|
7. Asterisk Call Detail Record Postgres SQL Injection
|
|
8. Asterisk IMAP Storage Voicemail Buffer Overflow
|
|
9. Asterisk Voicemail IMAP Backend Invalid MIME Denial of Service
|
|
10. Asterisk SIP Channel Driver Dialog History Memory Exhaustion
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|