Asterisk Project Security Advisory - AST-2011-010

Product

Asterisk

Summary

Remote crash vulnerability in IAX2 channel driver

Nature of Advisory

Remote crash

Susceptibility

Remote unauthenticated sessions

Severity

Moderate

Exploits Known

No

Reported On

June 1, 2011

Reported By


Posted On

June 22, 2011

Last Updated On

June 22, 2011

Advisory Contact

Terry Wilson <twilson@digium.com>

CVE Name

CVE-2011-2535



Description

A memory address was inadvertently transmitted over the network in an IAX2 option control frame, and the remote party would then try to access it.


Resolution

The default behavior is now to transmit only the option control frame data that is specifically useful to send across an IAX2 link, rather than all of it. The option that was passed is also no longer read from the network if it is sent.
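A defensive model of the two halves of this resolution, added here as an illustration and not Asterisk's own code; the frame layout, option names and function names are hypothetical. The sender serializes payload only for options on a whitelist, and the receiver treats received bytes purely as data, never as an address:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical control-frame model (not Asterisk's structures). */
enum ctl_option { CTL_HOLD = 1, CTL_UNHOLD = 2, CTL_LOCAL_OPTION = 3 };

struct ctl_frame {
    enum ctl_option option;
    void *data;      /* host-local pointer attached to the frame */
    size_t datalen;
};

/* Whitelist: only options whose payload means something to a remote
 * peer carry data on the wire; everything else goes out empty. */
static int option_carries_wire_data(enum ctl_option opt) {
    return opt == CTL_HOLD || opt == CTL_UNHOLD;
}

/* Serialize for the wire. Returns bytes written, or -1 if it will not fit.
 * The pointer value itself is never copied into the buffer (a buggy encoder
 * that memcpy'd &f->data would leak a host address); only the bytes it
 * points to are sent, and only for whitelisted options. */
int encode_control(const struct ctl_frame *f, uint8_t *out, size_t outlen) {
    if (outlen < 2) return -1;
    out[0] = (uint8_t)f->option;
    if (!option_carries_wire_data(f->option) || !f->data || f->datalen == 0) {
        out[1] = 0;
        return 2;
    }
    if (f->datalen > 255 || f->datalen + 2 > outlen) return -1;
    out[1] = (uint8_t)f->datalen;
    memcpy(out + 2, f->data, f->datalen);
    return (int)(f->datalen + 2);
}

/* Receiver: rebuild a frame from wire bytes. Payload is copied into
 * caller-owned storage and is never interpreted as an address; payload for
 * a non-whitelisted option is dropped even if a peer still sends it.
 * Returns 0 on success, -1 on malformed input. */
int decode_control(const uint8_t *in, size_t inlen, struct ctl_frame *f,
                   uint8_t *storage, size_t storagelen) {
    if (inlen < 2) return -1;
    size_t n = in[1];
    if (n + 2 > inlen || n > storagelen) return -1;
    f->option = (enum ctl_option)in[0];
    if (!option_carries_wire_data(f->option)) n = 0;
    memcpy(storage, in + 2, n);
    f->data = n ? storage : NULL;
    f->datalen = n;
    return 0;
}
```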


Affected Versions

  Product                    Release Series
  Asterisk Open Source       1.4.x             1.4.37+
  Asterisk Open Source       1.6.2.x           1.6.2.15+
  Asterisk Open Source       1.8.x             All versions
  Asterisk Business Edition  C.3               C.3.6+


Corrected In

  Product                    Release
  Asterisk Open Source       1.4.41.1, 1.6.2.18.1, 1.8.4.3
  Asterisk Business Edition  C.3.7.3




Patches

  SVN URL                                                             Revision
  http://downloads.asterisk.org/pub/security/AST-2011-010-1.4.diff    1.4
  http://downloads.asterisk.org/pub/security/AST-2011-010-1.6.2.diff  1.6.2
  http://downloads.asterisk.org/pub/security/AST-2011-010-1.8.diff    1.8



Links



Asterisk Project Security Advisories are posted at http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2011-010.pdf and http://downloads.digium.com/pub/security/AST-2011-010.html


Revision History

  Date    Editor    Revisions Made





Copyright © 2011 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its original, unaltered form.