[AsteriskBrasil] Fwd: [asterisk-dev] AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header

Sylvio Jollenbeck sylvio.jollenbeck em gmail.com
Quarta Março 27 19:54:59 BRT 2013 

PSC

---------- Forwarded message ----------
From: Asterisk Security Team <security em asterisk.org>
Date: 2013/3/27
Subject: [asterisk-dev] AST-2013-001: Buffer Overflow Exploit Through SIP
SDP Header
To: asterisk-dev em lists.digium.com


               Asterisk Project Security Advisory - AST-2013-001

          Product         Asterisk
          Summary         Buffer Overflow Exploit Through SIP SDP Header
     Nature of Advisory   Exploitable Stack Buffer Overflow
       Susceptibility     Remote Unauthenticated Sessions
          Severity        Major
       Exploits Known     No
        Reported On       6 January, 2013
        Reported By       Ulf Ha:rnhammar
         Posted On        27 March, 2013
      Last Updated On     March 27, 2013
      Advisory Contact    Jonathan Rose <jrose AT digium DOT com>
          CVE Name        CVE-2013-2685

    Description  The format attribute resource for h264 video performs an
                 unsafe read against a media attribute when parsing the SDP.
                 The vulnerable parameter can be received as strings of an
                 arbitrary length and Asterisk attempts to read them into
                 limited buffer spaces without applying a limit to the
                 number of characters read. If a message is formed
                 improperly, this could lead to an attacker being able to
                 execute arbitrary code remotely.

    Resolution  Attempts to read string data into the buffers noted are now
                explicitly limited by the size of the buffers.

                               Affected Versions
                Product              Release Series
         Asterisk Open Source             11.x       All Versions

                                  Corrected In
                     Product                              Release
               Asterisk Open Source                        11.2.2

                                    Patches
                               SVN URL                              Revision
   Http://downloads.asterisk.org/pub/security/AST-2013-001-11.diff Asterisk
                                                                   11

       Links     https://issues.asterisk.org/jira/browse/ASTERISK-20901

    Asterisk Project Security Advisories are posted at
    http://www.asterisk.org/security

    This document may be superseded by later versions; if so, the latest
    version will be posted at
    http://downloads.digium.com/pub/security/AST-2013-001.pdf and
    http://downloads.digium.com/pub/security/AST-2013-001.html

                                Revision History
            Date                  Editor               Revisions Made
    February 11, 2013      Jonathan Rose         Initial Draft
    March 27, 2013         Matt Jordan           CVE Added

               Asterisk Project Security Advisory - AST-2013-001
              Copyright (c) 2013 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in
its
                           original, unaltered form.


--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-dev



-- 
Sylvio Jollenbeck
www.hosannatecnologia.com.br
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: http://listas.asteriskbrasil.org/pipermail/asteriskbrasil/attachments/20130327/0680a8c8/attachment-0001.htm

Mais detalhes sobre a lista de discussão AsteriskBrasil