Asterisk PBX SIP DoS - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Asterisk PBX SIP DoS
updated since 04.03.2007
Published: 22.03.2007
Source: FULL-DISCLOSURE
SecurityVulns ID: 7344
Type: remote
Level: 6/10
Description: Application crash on malcrafted SIP packet.

Affected: ASTERISK : Asterisk 1.2
ASTERISK : Asterisk 1.4
CVE: CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.)
CVE-2007-1594 (The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.)
CVE-2007-1561 (The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.)
CVE-2007-1306 (Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference.)

Original document Matt Riddell (IT), Two new DoS Vulnerabilities in Asterisk Fixed (22.03.2007)

Radu State, [Full-disclosure] Asterisk SDP DOS vulnerability (19.03.2007)

noreply_(at)_musecurity.com, [Full-disclosure] [MU-200703-01] Remote DOS in Asterisk SIP (09.03.2007)

Anonymous Person, [Full-disclosure] asterisk remote pre-auth denial of service (04.03.2007)

Files: Exploits Asterisk INVITE SIP message DoS
Exploits Asterisk SIP DoS vulnerability
Discuss: Read or add your comments to this news (0 comments)