
Bug 280159 (CVE-2009-2651)

Summary: net-misc/asterisk >1.2.33 <1.6.1.2: Remote Crash Vulnerability in RTP stack (CVE-2009-2651)
Product: Gentoo Security
Reporter: Doron Fediuck <doron.fediuck>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: trivial
CC: chainsaw, voip+disabled
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://downloads.digium.com/pub/security/AST-2009-004.html
Whiteboard: ~3 [noglsa]
Package list:
Runtime testing required: ---

Description Doron Fediuck 2009-08-03 10:23:04 UTC
http://thread.gmane.org/gmane.comp.security.full-disclosure/68793
   +------------------------------------------------------------------------+
   | Description | An attacker can cause Asterisk to crash remotely by      |
   |             | sending malformed RTP text frames. While the attacker    |
   |             | can cause Asterisk to crash, he cannot execute arbitrary |
   |             | remote code with this exploit.                           |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |            Product            | Release Series |                       |
   |-------------------------------+----------------+-----------------------|
   |     Asterisk Open Source      |     1.2.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |     Asterisk Open Source      |     1.4.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |     Asterisk Open Source      |     1.6.x      | All 1.6.1 versions    |
   |-------------------------------+----------------+-----------------------|
   |        Asterisk Addons        |     1.2.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |        Asterisk Addons        |     1.4.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |        Asterisk Addons        |     1.6.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |   Asterisk Business Edition   |     A.x.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |   Asterisk Business Edition   |     B.x.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |   Asterisk Business Edition   |     C.x.x      | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |          AsteriskNOW          |      1.5       | Unaffected            |
   |-------------------------------+----------------+-----------------------|
   |  s800i (Asterisk Appliance)   |     1.2.x      | Unaffected            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                              Corrected In                              |
   |------------------------------------------------------------------------|
   |                   Product                   |         Release          |
   |---------------------------------------------+--------------------------|
   |         Open Source Asterisk 1.6.1          |         1.6.1.2          |
   |---------------------------------------------+--------------------------|
   +------------------------------------------------------------------------+
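The advisory quoted above says only that malformed RTP text frames crash the receiver, with no code execution. The block below is an added example, not code from Asterisk, Digium or the advisory, and it does not reproduce the AST-2009-004 bug (the page gives no detail of the malformation). It parses the RFC 3550 RTP header and checks every length-bearing field (CSRC count, extension length, padding count) against the bytes actually received, which is the class of bounds check whose absence lets a crafted frame become an out-of-bounds access and a crash. All sample frames are constructed for the example.

```python
"""Defensive RTP fixed-header parser (RFC 3550 section 5.1).

Added example only: not Asterisk code and not a reproduction of the
AST-2009-004 crash. Sample frames at the bottom are constructed.
"""
import struct
from dataclasses import dataclass, field
from typing import List, Optional


class RtpParseError(ValueError):
    """Raised instead of letting an untrusted length drive a memory access."""


@dataclass
class RtpPacket:
    version: int
    padding: bool
    marker: bool
    payload_type: int
    sequence: int
    timestamp: int
    ssrc: int
    csrcs: List[int] = field(default_factory=list)
    extension: Optional[bytes] = None
    payload: bytes = b""


def parse_rtp(data: bytes) -> RtpPacket:
    """Parse one RTP frame; reject anything whose fields exceed the buffer."""
    if len(data) < 12:
        raise RtpParseError("shorter than the 12-byte fixed header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", data[:12])
    version = b0 >> 6
    if version != 2:
        raise RtpParseError(f"RTP version {version}, expected 2")
    has_padding = bool(b0 & 0x20)
    has_ext = bool(b0 & 0x10)
    cc = b0 & 0x0F
    marker = bool(b1 & 0x80)
    pt = b1 & 0x7F

    offset = 12
    # CC promises cc * 4 bytes of CSRC identifiers: verify before reading.
    csrc_len = cc * 4
    if len(data) < offset + csrc_len:
        raise RtpParseError(f"CC={cc} but only {len(data) - offset} bytes follow")
    csrcs = list(struct.unpack(f"!{cc}I", data[offset:offset + csrc_len]))
    offset += csrc_len

    extension = None
    if has_ext:
        # Extension header: 16-bit profile, 16-bit length in 32-bit words.
        if len(data) < offset + 4:
            raise RtpParseError("X bit set but extension header truncated")
        _profile, ext_words = struct.unpack("!HH", data[offset:offset + 4])
        offset += 4
        ext_len = ext_words * 4
        if len(data) < offset + ext_len:
            raise RtpParseError(f"extension claims {ext_len} bytes, frame too short")
        extension = data[offset:offset + ext_len]
        offset += ext_len

    end = len(data)
    if has_padding:
        # Last octet counts the padding bytes including itself; zero or
        # more than the remaining bytes cannot be honoured safely.
        pad = data[-1]
        if pad == 0 or pad > end - offset:
            raise RtpParseError(f"padding count {pad} exceeds {end - offset} bytes")
        end -= pad

    return RtpPacket(version, has_padding, marker, pt, seq, ts, ssrc,
                     csrcs, extension, data[offset:end])


def check_frames(frames: List[bytes]) -> List[str]:
    """Return 'ok' or 'rejected' per frame; a receiver would drop 'rejected'."""
    results = []
    for frame in frames:
        try:
            parse_rtp(frame)
            results.append("ok")
        except RtpParseError:
            results.append("rejected")
    return results


# Constructed sample frames (payload type 98 stands in for a dynamic text PT).
HDR = struct.pack("!HII", 1, 160, 0xDEADBEEF)
GOOD = bytes([0x80, 0x62]) + HDR + b"hello"                        # V=2, no flags
GOOD_PAD = bytes([0xA0, 0x62]) + HDR + b"hel" + b"\x00\x02"          # P set, pad=2
BAD_CC = bytes([0x84, 0x62]) + HDR + b"hi"                           # CC=4, 2 bytes
BAD_PAD = bytes([0xA0, 0x62]) + HDR + b"\x00\x00\x10"                # pad=16 > 3
BAD_EXT = bytes([0x90, 0x62]) + HDR + struct.pack("!HH", 0xBEDE, 0xFFFF) + b"\0" * 4

if __name__ == "__main__":
    for name, frame in [("GOOD", GOOD), ("GOOD_PAD", GOOD_PAD), ("BAD_CC", BAD_CC),
                        ("BAD_PAD", BAD_PAD), ("BAD_EXT", BAD_EXT)]:
        try:
            print(name, "ok, payload", parse_rtp(frame).payload)
        except RtpParseError as exc:
            print(name, "rejected:", exc)
```

Every slice in `parse_rtp` is preceded by a comparison against `len(data)`, so a frame can only make the parser raise, never read past the buffer; in a C receiver the equivalent is checking each advertised length against the datagram length before the pointer arithmetic.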
Comment 1 Doron Fediuck 2009-08-03 11:41:14 UTC
Since masked, changed to ~3 (Trivial).
Comment 2 Thomas Stein 2009-08-07 12:53:14 UTC
Version bump is easy. The patches apply to 1.6.1.2 just fine. Just rename asterisk-1.6.1.1-resolve-peer-not-section-header.patch and the ebuild.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2009-11-07 01:08:18 UTC
1.6.1.9 appeared in portage. Closing noglsa as there was never a stable 1.6.1.9.
Comment 4 Stefan Behte (RETIRED) gentoo-dev Security 2009-11-07 01:09:21 UTC
1.6.x, of course.