| Summary: | <net-misc/asterisk-{1.6.2.17.2,1.8.3.2}: multiple vulnerabilities (CVE-2011-{1174,1175}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Paweł Hajdan, Jr. (RETIRED) <phajdan.jr> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | major | CC: | alexanderyt, chainsaw, voip+disabled |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | B1 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
Description
Paweł Hajdan, Jr. (RETIRED)
Adding CVE assignment per http://www.openwall.com/lists/oss-security/2011/03/21/12.

> > AST-2011-003:
> > http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
> > - resource exhaustion DoS in Asterisk Manager Interface

http://downloads.asterisk.org/pub/security/AST-2011-003.html

Use CVE-2011-1174

> > AST-2011-004:
> > http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
> > - DoS in TCP/TLS server due to NULL ptr deref

http://downloads.asterisk.org/pub/security/AST-2011-004.html

Use CVE-2011-1175

```
+*asterisk-1.8.3.2 (23 Mar 2011)
+
+  23 Mar 2011; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.8.2.4.ebuild,
+  -asterisk-1.8.3.ebuild, +asterisk-1.8.3.2.ebuild:
+  Secure ebuild for the 1.8 branch; robustness fixes for the manager interface.
+  As per advisory AST-2011-003, a denial of service is possible through
+  resource exhaustion in previous versions. As per advisory AST-2011-004, it is
+  possible to cause a NULL pointer dereference by rapidly opening & closing
+  TCP/TLS connections. Removed insecure ebuilds.

+*asterisk-1.6.2.17.2 (23 Mar 2011)
+
+  23 Mar 2011; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.6.2.17.ebuild,
+  +asterisk-1.6.2.17.2.ebuild:
+  Secure ebuild for the 1.6.2 branch; robustness fixes for the manager
+  interface. As per advisory AST-2011-003, a denial of service is possible
+  through resource exhaustion in previous versions. As per advisory
+  AST-2011-004, it is possible to cause a NULL pointer dereference by rapidly
+  opening & closing TCP/TLS connections. Removed all but the last stable
+  ebuild. For security bug #359767 filed by Pawel Hajdan, Jr.
```

Arches, please test & mark stable (on the default configuration, you should be able to repeatedly start & stop the daemon) net-misc/asterisk-1.6.2.17.2, which obsoletes the insecure net-misc/asterisk-1.6.2.16.2-r2 ebuild. I do not expect this request to have any dependencies, but if it does, please proceed where possible.

amd64 ok

amd64 done, thanks Agostino

Looks good on x86.

The two revdeps (net-misc/asterisk-chan_sccp & net-misc/asterisk-app_conference) do not compile, but that was already the case with the current stable asterisk... x86 stable. Thanks Andreas

Thanks, folks. Added to existing GLSA request.

```
+  23 Mar 2011; Tony Vroon <chainsaw@gentoo.org> -asterisk-1.6.2.16.2-r2.ebuild:
+  Remove vulnerable ebuild for CVE-2011-1174 & CVE-2011-1175 now that a secure
+  ebuild has been stabled.
```

CVE-2011-1175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1175): tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions to services that use a certain TLS API.

CVE-2011-1174 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1174): manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x before 1.6.2.17.2, and 1.8.x before 1.8.3.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a series of manager sessions involving invalid data.

This issue was resolved and addressed in GLSA 201110-21 at http://security.gentoo.org/glsa/glsa-201110-21.xml by GLSA coordinator Tim Sammut (underling).
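The two NVD descriptions above give the affected ranges per branch, and the fixed versions differ between the two CVEs (1.6.2.17.1 closes CVE-2011-1175 but not CVE-2011-1174, for instance). The following is an added example, not code from this bug, from Gentoo or from the Asterisk project, that turns those ranges into a version check a practitioner can run against an installed build. It assumes the `asterisk -V` banner has the form `Asterisk <version>`; the banner string in the block is constructed for illustration. A Gentoo `-rN` revision suffix is dropped because it does not change the upstream source.

```python
"""Check an Asterisk version against the NVD-listed affected ranges for
CVE-2011-1174 (manager.c) and CVE-2011-1175 (tcptls.c)."""

import re

# (branch, first fixed version) per CVE, copied from the NVD text in this bug.
# Branches NVD does not list (e.g. 1.4.x) yield no result here; that only means
# no range is published for them, not that they are known to be safe.
AFFECTED = {
    "CVE-2011-1174": [("1.6.1", "1.6.1.24"), ("1.6.2", "1.6.2.17.2"), ("1.8", "1.8.3.2")],
    "CVE-2011-1175": [("1.6.1", "1.6.1.23"), ("1.6.2", "1.6.2.17.1"), ("1.8", "1.8.3.1")],
}


def parse_version(v):
    """'1.6.2.16.2-r2' -> (1, 6, 2, 16, 2). The Gentoo revision suffix is dropped;
    anything that is not a plain dotted-integer version is rejected."""
    v = v.split("-r", 1)[0]
    if not re.fullmatch(r"\d+(\.\d+)*", v):
        raise ValueError(f"unparseable Asterisk version: {v!r}")
    return tuple(int(x) for x in v.split("."))


def on_branch(ver, branch):
    """True when the version tuple starts with the branch prefix (1.8.3 is on 1.8)."""
    b = parse_version(branch)
    return ver[: len(b)] == b


def affected_cves(version):
    """Return the sorted list of CVE ids whose NVD range covers this version.
    Tuple comparison makes 1.8.3 < 1.8.3.1, which matches NVD's 'before'."""
    ver = parse_version(version)
    hits = []
    for cve, ranges in AFFECTED.items():
        for branch, fixed in ranges:
            if on_branch(ver, branch) and ver < parse_version(fixed):
                hits.append(cve)
                break
    return sorted(hits)


def version_from_banner(banner):
    """Extract the version from 'asterisk -V' output, assumed to look like
    'Asterisk 1.6.2.16.2' (assumption; adjust the regex if the banner differs)."""
    m = re.search(r"Asterisk (\d+(?:\.\d+)+)", banner)
    if not m:
        raise ValueError(f"no version found in banner: {banner!r}")
    return m.group(1)


def main():
    # Constructed banner, standing in for `asterisk -V` on the old stable ebuild.
    banner = "Asterisk 1.6.2.16.2"
    for v in (version_from_banner(banner), "1.6.2.17.1", "1.6.2.17.2", "1.8.3", "1.8.3.2"):
        print(f"{v:12s} -> {', '.join(affected_cves(v)) or 'not in any listed range'}")


if __name__ == "__main__":
    main()
```

The check is deliberately per-branch rather than a single "older than 1.8.3.2" comparison: 1.6.2.17.2 is newer than 1.6.2.17.1 yet older than 1.8.3.1 numerically, so a flat comparison would misreport the 1.6.2 branch.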