|
| Asterisk VoIP server multiple security vulnerabilities | | Published: |  | 19.07.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7943 | | Type: |  | remote | | Level: |  | 7/10 | | Description: |  | Buffer overflow and DoS on IAX2 implementation, DoS in Skinny and STUN implementation. |
| Affected: |  | ASTERISK : Asterisk 1.2 | | | | ASTERISK : Asterisk 1.4 | | | | ASTERISK : Asterisk s800i | | CVE: |  | CVE-2007-3765 (The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.) | | | | CVE-2007-3764 (The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy.") | | | | CVE-2007-3763 (The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable.) | | | | CVE-2007-3762 (Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.) |
|
|
|
|
|
