Executive Summary

Summary
Title Asterisk: Multiple vulnerabilities
Informations
Name GLSA-201006-20 First vendor Publication 2010-06-04
Vendor Gentoo Last vendor Modification 2010-06-04
Severity (Vendor) Normal Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks.

Background

Asterisk is an open source telephony engine and toolkit.

Description

Multiple vulnerabilities have been reported in Asterisk:

* Nick Baggott reported that Asterisk does not properly process overly long ASCII strings in various packets (CVE-2009-2726).

* Noam Rathaus and Blake Cornell reported a flaw in the IAX2 protocol implementation (CVE-2009-2346).

* amorsen reported an input processing error in the RTP protocol implementation (CVE-2009-4055).

* Patrik Karlsson reported an information disclosure flaw related to the REGISTER message (CVE-2009-3727).

* A vulnerability was found in the bundled Prototype JavaScript library, related to AJAX calls (CVE-2008-7220).

Impact

A remote attacker could exploit these vulnerabilities by sending a specially crafted package, possibly causing a Denial of Service condition, or resulting in information disclosure.

Workaround

There is no known workaround at this time.

Resolution

All Asterisk users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.2.37"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since January 5, 2010. It is likely that your system is already no longer affected by this issue.

References

[ 1 ] CVE-2009-2726 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2726
[ 2 ] CVE-2009-2346 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2346
[ 3 ] CVE-2009-4055 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4055
[ 4 ] CVE-2009-3727 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3727
[ 5 ] CVE-2008-7220 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7220

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-20.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201006-20.xml

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99 XML Parser Attack
CAPEC-119 Resource Depletion
CAPEC-121 Locate and Exploit Test APIs
CAPEC-125 Resource Depletion through Flooding
CAPEC-130 Resource Depletion through Allocation
CAPEC-147 XML Ping of Death
CAPEC-197 XEE (XML Entity Expansion)
CAPEC-227 Denial of Service through Resource Depletion
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229 XML Attribute Blowup

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-770 Allocation of Resources Without Limits or Throttling
33 % CWE-200 Information Exposure
33 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 31
Application 154
Application 5
Application 364
Application 1
Application 2
Hardware 2
Hardware 4
Os 2

OpenVAS Exploits

Date Description
2011-03-09 Name : Gentoo Security Advisory GLSA 201006-20 (asterisk)
File : nvt/glsa_201006_20.nasl
2010-04-06 Name : Fedora Update for asterisk FEDORA-2010-3381
File : nvt/gb_fedora_2010_3381_asterisk_fc12.nasl
2010-03-31 Name : Fedora Update for asterisk FEDORA-2010-3724
File : nvt/gb_fedora_2010_3724_asterisk_fc11.nasl
2009-12-30 Name : Debian Security Advisory DSA 1952-1 (asterisk)
File : nvt/deb_1952_1.nasl
2009-12-30 Name : Fedora Core 11 FEDORA-2009-12506 (asterisk)
File : nvt/fcore_2009_12506.nasl
2009-12-30 Name : Fedora Core 12 FEDORA-2009-12517 (asterisk)
File : nvt/fcore_2009_12517.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-12461 (asterisk)
File : nvt/fcore_2009_12461.nasl
2009-12-03 Name : Fedora Core 11 FEDORA-2009-11070 (asterisk)
File : nvt/fcore_2009_11070.nasl
2009-12-03 Name : Fedora Core 10 FEDORA-2009-11126 (asterisk)
File : nvt/fcore_2009_11126.nasl
2009-12-01 Name : Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
File : nvt/asterisk_37153.nasl
2009-11-10 Name : Asterisk SIP Response Username Enumeration Remote Information Disclosure Vuln...
File : nvt/asterisk_36924.nasl
2009-09-28 Name : Fedora Core 10 FEDORA-2009-9374 (asterisk)
File : nvt/fcore_2009_9374.nasl
2009-09-28 Name : Fedora Core 11 FEDORA-2009-9405 (asterisk)
File : nvt/fcore_2009_9405.nasl
2009-09-18 Name : Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (Linux)
File : nvt/secpod_asterisk_iax2_call_number_dos_vuln.nasl
2009-09-02 Name : Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
File : nvt/secpod_asterisk_sip_channel_driver_dos_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
60569 Asterisk rtp.c RTP Comfort Noise Payload Remote DoS
59697 Asterisk SIP REGISTER Response Username Enumeration Weakness

Asterisk contains a flaw that may allow an attacker to determine valid usernames. The issue is triggered when different responses are being sent using a valid or an invalid username in 'REGISTER' messages. This can be exploited to determine valid usernames by sending a specially crafted 'REGISTER' message. .
57762 Asterisk IAX2 Call Number Resource Exhaustion Remote DoS
56991 Asterisk Multiple Function Maximum Width Handling Remote DoS

Asterisk contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user forces invocation of sscanf() functions which do not specify a maximum width, and will result in loss of availability for the service.
46312 Prototype JavaScript Framework prototype.js Cross-site Ajax Request Unspecifi...

Snort® IPS/IDS

Date Description
2014-01-10 Digium Asterisk RTP comfort noise denial of service attempt
RuleID : 24270 - Revision : 3 - Type : PROTOCOL-VOIP
2014-01-10 Digium Asterisk IAX2 call number denial of service
RuleID : 21608 - Revision : 4 - Type : PROTOCOL-VOIP
2014-01-10 CSeq buffer overflow attempt
RuleID : 16351 - Revision : 11 - Type : PROTOCOL-VOIP
2014-01-10 Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16212 - Revision : 2 - Type : DOS
2014-01-10 Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16211 - Revision : 2 - Type : DOS
2014-01-10 Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16210 - Revision : 2 - Type : DOS
2014-01-10 CSeq buffer overflow attempt
RuleID : 11971 - Revision : 8 - Type : PROTOCOL-VOIP

Nessus® Vulnerability Scanner

Date Description
2010-06-04 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201006-20.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1952.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote Fedora host is missing a security update.
File : fedora_2009-12506.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote Fedora host is missing a security update.
File : fedora_2009-12517.nasl - Type : ACT_GATHER_INFO
2009-12-14 Name : The remote Fedora host is missing a security update.
File : fedora_2009-12461.nasl - Type : ACT_GATHER_INFO
2009-11-25 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11070.nasl - Type : ACT_GATHER_INFO
2009-11-25 Name : The remote Fedora host is missing a security update.
File : fedora_2009-11126.nasl - Type : ACT_GATHER_INFO
2009-09-28 Name : The remote Fedora host is missing a security update.
File : fedora_2009-9374.nasl - Type : ACT_GATHER_INFO
2009-09-28 Name : The remote Fedora host is missing a security update.
File : fedora_2009-9405.nasl - Type : ACT_GATHER_INFO
2009-09-08 Name : The remote VoIP service is susceptible to a denial of service attack.
File : asterisk_iax2_call_number_dos.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:36:54
  • Multiple Updates