MuLabs has posted details of multiple vulnerabilities in Asterisk 1.2.10.
Excerpt:
Vulnerability Details:
A remote stack buffer overflow condition in Asterisk's MGCP implementation could allow for arbitrary code execution. The vulnerable code is triggered with the use of a malformed AUEP (audit endpoint) response message.
A second issue exists in the handling of file names sent to the Record() application which could lead to arbitrary code execution via a format string attack or arbitrary file-overwrite via directory traversal techniques. The impact of this vulnerability is minimal, however, as it requires an administrator to use a client-controlled variable as part of the filename.
Solution:
Mu Security would like to thank the Asterisk security team for their timely response to these issues.
A patch for the buffer overflow is available from the following link:
http://ftp.digium.com/pub/asterisk/asterisk-1.2.11-patch.gz
To protect against the Record() vulnerability, do not use user-controlled variables (e.g., ${CALLERIDNAME}) as part of the filename argument.
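An added audit check for the Record() advice above, not part of the advisory or of Asterisk itself: it scans a dialplan for Record() calls whose filename argument references a caller-controlled channel variable. The sample extensions.conf and the list of caller-controlled variable names are assumptions; extend the list to match your deployment.

```python
import re

# Constructed sample extensions.conf (Asterisk 1.2 syntax, '|' separators).
# The first Record() builds its filename from ${CALLERIDNAME}, the pattern the
# advisory says to avoid; the second uses the channel's ${UNIQUEID} instead.
SAMPLE_EXTENSIONS_CONF = """\
[incoming]
exten => 100,1,Answer()
exten => 100,2,Record(/var/spool/asterisk/msgs/${CALLERIDNAME}.wav|3|60)
exten => 100,3,Hangup()

[safe]
exten => 200,1,Answer()
exten => 200,2,Record(/var/spool/asterisk/msgs/${UNIQUEID}.wav|3|60)
exten => 200,3,Hangup()
"""

# Channel variables / functions a remote caller can influence (assumed list).
CALLER_CONTROLLED = ("CALLERIDNAME", "CALLERIDNUM", "CALLERID", "SIP_HEADER")

# First argument of Record(): everything up to the '|' separator or ')'.
RECORD_RE = re.compile(r"Record\(([^|)]+)")
# Name part of a ${NAME} / ${NAME(...)} reference.
VAR_RE = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_]*)")


def audit_record_filenames(conf_text):
    """Return (context, dialplan line, variable) for each Record() whose
    filename argument references a caller-controlled variable."""
    findings = []
    context = None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            context = line[1:-1]          # track the current dialplan context
            continue
        m = RECORD_RE.search(line)
        if not m:
            continue
        for var in VAR_RE.findall(m.group(1)):
            if var in CALLER_CONTROLLED:
                findings.append((context, line, var))
    return findings


if __name__ == "__main__":
    for ctx, line, var in audit_record_filenames(SAMPLE_EXTENSIONS_CONF):
        print(f"[{ctx}] uses caller-controlled ${{{var}}} in Record(): {line}")
```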
Update
There is an entry on Mantis regarding the above, which has not been committed.
Original Content (C) 2004-2010
Matt Riddell