[gentoo-announce] [ GLSA 200802-11 ] Asterisk: Multiple vulnerabilities - gentoo-announce

From:	Pierre-Yves Rofes <py@g.o>
To:	gentoo-announce@l.g.o
Cc:	full-disclosure@××××××××××××××.uk, bugtraq@×××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200802-11 ] Asterisk: Multiple vulnerabilities
Date:	Tue, 26 Feb 2008 22:29:43
Message-Id:	`47C49AE7.1080709@gentoo.org`

1

-----BEGIN PGP SIGNED MESSAGE-----

2

Hash: SHA1

3

4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

5

Gentoo Linux Security Advisory                           GLSA 200802-11

6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

7

                                            http://security.gentoo.org/

8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

9

10

  Severity: High

11

     Title: Asterisk: Multiple vulnerabilities

12

      Date: February 26, 2008

13

      Bugs: #185713

14

        ID: 200802-11

15

16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

17

18

Synopsis

19

========

20

21

Multiple vulnerabilities have been found in Asterisk.

22

23

Background

24

==========

25

26

Asterisk is an open source telephony engine and tool kit.

27

28

Affected packages

29

=================

30

31

    -------------------------------------------------------------------

32

     Package            /    Vulnerable    /                Unaffected

33

    -------------------------------------------------------------------

34

  1  net-misc/asterisk      < 1.2.21.1-r1                *>= 1.2.17-r1

35

                                                        >= 1.2.21.1-r1

36

37

Description

38

===========

39

40

Multiple vulnerabilities have been found in Asterisk:

41

42

* Russel Bryant reported a stack buffer overflow in the IAX2 channel

43

  driver (chan_iax2) when bridging calls between chan_iax2 and any

44

  channel driver that uses RTP for media (CVE-2007-3762).

45

46

* Chris Clark and Zane Lackey (iSEC Partners) reported a NULL pointer

47

  dereference in the IAX2 channel driver (chan_iax2) (CVE-2007-3763).

48

49

* Will Drewry (Google Security) reported a vulnerability in the

50

  Skinny channel driver (chan_skinny), resulting in an overly large

51

  memcpy (CVE-2007-3764).

52

53

* Will Drewry (Google Security) reported a vulnerability in the IAX2

54

  channel driver (chan_iax2), that does not correctly handle

55

  unauthenticated transactions using a 3-way handshake (CVE-2007-4103).

56

57

Impact

58

======

59

60

By sending a long voice or video RTP frame, a remote attacker could

61

possibly execute arbitrary code on the target machine. Sending

62

specially crafted LAGRQ or LAGRP frames containing information elements

63

of IAX frames, or a certain data length value in a crafted packet, or

64

performing a flood of calls not completing a 3-way handshake, could

65

result in a Denial of Service.

66

67

Workaround

68

==========

69

70

There is no known workaround at this time.

71

72

Resolution

73

==========

74

75

All Asterisk users should upgrade to the latest version:

76

77

    # emerge --sync

78

    # emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.2.17-r1"

79

80

References

81

==========

82

83

  [ 1 ] CVE-2007-3762

84

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762

85

  [ 2 ] CVE-2007-3763

86

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3763

87

  [ 3 ] CVE-2007-3764

88

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3764

89

  [ 4 ] CVE-2007-4103

90

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103

91

92

Availability

93

============

94

95

This GLSA and any updates to it are available for viewing at

96

the Gentoo Security Website:

97

98

  http://security.gentoo.org/glsa/glsa-200802-11.xml

99

100

Concerns?

101

=========

102

103

Security is a primary focus of Gentoo Linux and ensuring the

104

confidentiality and security of our users machines is of utmost

105

importance to us. Any security concerns should be addressed to

106

security@g.o or alternatively, you may file a bug at

107

http://bugs.gentoo.org.

108

109

License

110

=======

111

112

Copyright 2008 Gentoo Foundation, Inc; referenced text

113

belongs to its owner(s).

114

115

The contents of this document are licensed under the

116

Creative Commons - Attribution / Share Alike license.

117

118

http://creativecommons.org/licenses/by-sa/2.5

119

-----BEGIN PGP SIGNATURE-----

120

Version: GnuPG v2.0.7 (GNU/Linux)

121

Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

122

123

iD8DBQFHxJrnuhJ+ozIKI5gRAj24AJ9B/dpuczuQcgSUyADZOo0qWaZCJACfUiEF

124

rruqvLgqJy68eyibCHnBz6M=

125

=jW6E

126

-----END PGP SIGNATURE-----

127

--

128

gentoo-announce@l.g.o mailing list

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5	Gentoo Linux Security Advisory GLSA 200802-11
6	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7	http://security.gentoo.org/
8	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10	Severity: High
11	Title: Asterisk: Multiple vulnerabilities
12	Date: February 26, 2008
13	Bugs: #185713
14	ID: 200802-11
15
16	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18	Synopsis
19	========
20
21	Multiple vulnerabilities have been found in Asterisk.
22
23	Background
24	==========
25
26	Asterisk is an open source telephony engine and tool kit.
27
28	Affected packages
29	=================
30
31	-------------------------------------------------------------------
32	Package / Vulnerable / Unaffected
33	-------------------------------------------------------------------
34	1 net-misc/asterisk < 1.2.21.1-r1 *>= 1.2.17-r1
35	>= 1.2.21.1-r1
36
37	Description
38	===========
39
40	Multiple vulnerabilities have been found in Asterisk:
41
42	* Russel Bryant reported a stack buffer overflow in the IAX2 channel
43	driver (chan_iax2) when bridging calls between chan_iax2 and any
44	channel driver that uses RTP for media (CVE-2007-3762).
45
46	* Chris Clark and Zane Lackey (iSEC Partners) reported a NULL pointer
47	dereference in the IAX2 channel driver (chan_iax2) (CVE-2007-3763).
48
49	* Will Drewry (Google Security) reported a vulnerability in the
50	Skinny channel driver (chan_skinny), resulting in an overly large
51	memcpy (CVE-2007-3764).
52
53	* Will Drewry (Google Security) reported a vulnerability in the IAX2
54	channel driver (chan_iax2), that does not correctly handle
55	unauthenticated transactions using a 3-way handshake (CVE-2007-4103).
56
57	Impact
58	======
59
60	By sending a long voice or video RTP frame, a remote attacker could
61	possibly execute arbitrary code on the target machine. Sending
62	specially crafted LAGRQ or LAGRP frames containing information elements
63	of IAX frames, or a certain data length value in a crafted packet, or
64	performing a flood of calls not completing a 3-way handshake, could
65	result in a Denial of Service.
66
67	Workaround
68	==========
69
70	There is no known workaround at this time.
71
72	Resolution
73	==========
74
75	All Asterisk users should upgrade to the latest version:
76
77	# emerge --sync
78	# emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.2.17-r1"
79
80	References
81	==========
82
83	[ 1 ] CVE-2007-3762
84	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762
85	[ 2 ] CVE-2007-3763
86	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3763
87	[ 3 ] CVE-2007-3764
88	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3764
89	[ 4 ] CVE-2007-4103
90	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103
91
92	Availability
93	============
94
95	This GLSA and any updates to it are available for viewing at
96	the Gentoo Security Website:
97
98	http://security.gentoo.org/glsa/glsa-200802-11.xml
99
100	Concerns?
101	=========
102
103	Security is a primary focus of Gentoo Linux and ensuring the
104	confidentiality and security of our users machines is of utmost
105	importance to us. Any security concerns should be addressed to
106	security@g.o or alternatively, you may file a bug at
107	http://bugs.gentoo.org.
108
109	License
110	=======
111
112	Copyright 2008 Gentoo Foundation, Inc; referenced text
113	belongs to its owner(s).
114
115	The contents of this document are licensed under the
116	Creative Commons - Attribution / Share Alike license.
117
118	http://creativecommons.org/licenses/by-sa/2.5
119	-----BEGIN PGP SIGNATURE-----
120	Version: GnuPG v2.0.7 (GNU/Linux)
121	Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
122
123	iD8DBQFHxJrnuhJ+ozIKI5gRAj24AJ9B/dpuczuQcgSUyADZOo0qWaZCJACfUiEF
124	rruqvLgqJy68eyibCHnBz6M=
125	=jW6E
126	-----END PGP SIGNATURE-----
127	--
128	gentoo-announce@l.g.o mailing list

Gentoo Archives: gentoo-announce