Asterisk Project Security Advisory - AST-2009-004

Product              Asterisk
Summary              Remote Crash Vulnerability in RTP stack
Nature of Advisory   Exploitable Crash
Susceptibility       Remote unauthenticated sessions
Severity             Critical
Exploits Known       No
Reported On          July 27, 2009
Reported By          Marcus Hunger <hunger AT sipgate DOT de>
Posted On            August 2, 2009
Last Updated On      August 10, 2009
Advisory Contact     Mark Michelson <mmichelson AT digium DOT com>
CVE Name             CVE-2009-2725



Description

An attacker can cause Asterisk to crash remotely by sending malformed RTP text frames. While the attacker can cause Asterisk to crash, he cannot execute arbitrary remote code with this exploit.


Resolution

Users should upgrade to a version listed in the “Corrected In” section below.


Affected Versions

Product                      Release Series
Asterisk Open Source         1.2.x             Unaffected
Asterisk Open Source         1.4.x             Unaffected
Asterisk Open Source         1.6.x             All 1.6.1 versions
Asterisk Addons              1.2.x             Unaffected
Asterisk Addons              1.4.x             Unaffected
Asterisk Addons              1.6.x             Unaffected
Asterisk Business Edition    A.x.x             Unaffected
Asterisk Business Edition    B.x.x             Unaffected
Asterisk Business Edition    C.x.x             Unaffected
AsteriskNOW                  1.5               Unaffected
s800i (Asterisk Appliance)   1.2.x             Unaffected


Corrected In

Product                      Release
Open Source Asterisk 1.6.1   1.6.1.2



Patches

SVN URL                                                                Version
http://downloads.digium.com/pub/security/AST-2009-004-1.6.1.diff.txt   1.6.1



Links

Asterisk Project Security Advisories are posted at http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2009-004.pdf and http://downloads.digium.com/pub/security/AST-2009-004.html


Revision History

Date              Editor            Revisions Made
27 Jul, 2009      Mark Michelson    Initial Draft
31 Jul, 2009      Mark Michelson    Added sentence about how remote code cannot be executed.
August 2, 2009    Tilghman Lesher   Public release
August 10, 2009   Tilghman Lesher   Added CVE identifier


Copyright © 2009 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.