Asterisk
Project Security Advisory -
|
Product |
Asterisk |
|
Summary |
Remote crash vulnerability in IAX2 channel driver |
|
Nature of Advisory |
Remote crash |
|
Susceptibility |
Remote unauthenticated sessions |
|
Severity |
Moderate |
|
Exploits Known |
No |
|
Reported On |
June 1, 2011 |
|
Reported By |
|
|
Posted On |
June 22, 2011 |
|
Last Updated On |
|
|
Advisory Contact |
Terry Wilson <twilson@digium.com> |
|
CVE Name |
CVE-2011-2535 |
|
Description |
A memory address was inadvertently transmitted over the network via IAX2 via an option control frame and the remote party would try to access it. |
|
Resolution |
The default behavior is to no longer transmit all option control frame data across an IAX2 link, but only what is specifically useful to send. The option that was passed is also no longer read via the network if it is sent. |
|
Affected Versions |
||
|
Product |
Release Series |
|
|
Asterisk Open Source |
1.4.x |
1.4.37+ |
|
Asterisk Open Source |
1.6.2.x |
1.6.2.15+ |
|
Asterisk Open Source |
1.8.x |
All versions |
|
Asterisk Business Edition |
C.3 |
C.3.6+ |
|
Corrected In |
|
|
Product |
Release |
|
Asterisk Open Source |
1.4.41.1, 1.6.2.18.1, 1.8.4.3 |
|
Asterisk Business Edition |
C.3.7.3 |
|
|
|
|
Patches |
|
|
SVN URL |
Revision |
|
http://downloads.asterisk.org/pub/security/AST-2011-010-1.4.diff |
1.4 |
|
http://downloads.asterisk.org/pub/security/AST-2011-010-1.6.2.diff |
1.6.2 |
|
http://downloads.asterisk.org/pub/security/AST-2011-010-1.8.diff |
1.8 |
|
Links |
|
|
Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later
versions; if so, the latest version will be posted at
http://downloads.digium.com/pub/security/ |
|
Revision History |
||
|
Date |
Editor |
Revisions Made |
|
|
|
|
Asterisk
Project Security Advisory -
Copyright
©
Permission is hereby granted
to distribute and publish this advisory in its original, unaltered
form.