Vigil@nce - Asterisk: three vulnerabilities
May 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use three vulnerabilities of Asterisk, in order to
create a denial of service or to execute code.
Severity: 2/4
Creation date: 24/04/2012
IMPACTED PRODUCTS
– Asterisk Open Source
– Debian Linux
– Fedora
DESCRIPTION OF THE VULNERABILITY
Three vulnerabilities were announced in Asterisk.
An attacker, who is authenticated on Asterisk Manager Interface,
can use the MixMonitor application, in order to execute shell
commands on the server. [severity:2/4; AST-2012-004, BID-53206,
CVE-2012-2414]
An authenticated attacker can use the Skinny protocol, to send
several KEYPAD_BUTTON_MESSAGE messages, in order to generate a
buffer overflow. [severity:2/4; AST-2012-005, BID-53210,
CVE-2012-2415]
When "trustrpid" is configured, an unauthenticated attacker can
send a SIP UPDATE query after the end of a call, in order to
dereference a NULL pointer, which stops the service.
[severity:2/4; AST-2012-006, BID-53205, CVE-2012-2416]
An attacker can therefore use three vulnerabilities of Asterisk,
in order to create a denial of service or to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Asterisk-three-vulnerabilities-11565