Vigil@nce - Asterisk: buffer overflow of __ast_string_field_ptr_build_va
September 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can generate a buffer overflow in
__ast_string_field_ptr_build_va of Asterisk, in order to trigger a
denial of service, and possibly to execute code.
Impacted products: Asterisk Open Source
Severity: 2/4
Creation date: 20/08/2014
DESCRIPTION OF THE VULNERABILITY
The Asterisk product offers telephony functions.
The source file main/utils.c contains some generic helper routines.
However, the function __ast_string_field_ptr_build_va incorrectly
computes the size of the data to be handled, which may lead to an
overflow.
An attacker can therefore generate a buffer overflow in
__ast_string_field_ptr_build_va of Asterisk, in order to trigger a
denial of service, and possibly to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Asterisk-buffer-overflow-of-ast-string-field-ptr-build-va-15206