Vigil@nce: Asterisk-Addons, denial of service of ooh323
June 2008 by Vigil@nce
An attacker can connect to the TCP port of the ooh323 driver of
Asterisk-Addons in order to stop it.
– Gravity: 2/4
– Consequences: denial of service of service
– Provenance: intranet client
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: medium (2/3)
– Creation date: 05/06/2008
– Identifier: VIGILANCE-VUL-7874
IMPACTED PRODUCTS
Unix - plateform
DESCRIPTION
The Asterisk-Addons suite provides additional components for
Asterisk, such as the ooh323 channel driver which implements H.323.
The ooh323 driver opens a TCP socket on the port
OO_DEFAULT_CMDLISTENER_PORT (7575/tcp) for its internal exchanges.
However, a network attacker can connect to this socket and
interact with the driver.
An attacker can therefore force the driver to free invalid memory
areas, which stops the service.
CHARACTERISTICS
– Identifiers: AST-2008-009, CVE-2008-2543, VIGILANCE-VUL-7874
– Url: https://vigilance.aql.fr/tree/1/7874