Vigil@nce: Asterisk, denial of service of RTP
August 2009 by Vigil@nce
An attacker can send malicious text data to Asterisk version 1.6.1
or 1.6.1.1 in order to stop it.
Severity: 2/4
Consequences: denial of service
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 28/07/2009
IMPACTED PRODUCTS
– Unix - platform
DESCRIPTION OF THE VULNERABILITY
RFC 4103 defines how to transmit text conversations (ITU-T
Recommendation T.140) in RTP packets (RFC 3550, Real-time
Transport Protocol).
The Asterisk program searches for the end of the RTP header. However,
if the end mark is absent, a NULL pointer is dereferenced. This
error only affects versions 1.6.1 and 1.6.1.1.
An attacker can therefore send a malicious T.140 text in order to
stop Asterisk.
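The bug class above (a search for an end marker whose NULL result is used without a check) is illustrated here as an added example; it is not Asterisk's or Vigil@nce's code. The marker byte, the function names and the sample payloads are assumptions chosen for the illustration; the advisory does not state the actual delimiter.

```c
/*
 * Added illustration of the bug class described in the advisory.
 * Not Asterisk's code: END_MARK, the function names and the sample
 * payloads are assumptions made for this example.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical end marker; the real delimiter is not given on the page. */
#define END_MARK '\n'

/* Returns a pointer to the end marker within buf[0..len), or NULL if it is
 * absent. memchr is bounded by len, so the scan never runs past the
 * payload; RTP payloads are not NUL-terminated, so strchr would be unsafe. */
static const char *find_end_mark(const char *buf, size_t len)
{
    return memchr(buf, END_MARK, len);
}

/* Unchecked pattern (reconstructed from the description, not Asterisk's
 * code): the search result is read without testing it. When the marker is
 * absent, end is NULL and the read of *end crashes the process, which is
 * the denial of service. Only ever called here with a well-formed payload. */
int text_block_length_unchecked(const char *buf, size_t len)
{
    const char *end = find_end_mark(buf, len);
    return *end == END_MARK ? (int)(end - buf) : -1;  /* NULL deref if absent */
}

/* Hardened variant: length of the text before the marker, or -1 when the
 * marker is missing. This NULL check is the one the advisory says was absent. */
int text_block_length(const char *buf, size_t len)
{
    const char *end;

    if (buf == NULL)
        return -1;
    end = find_end_mark(buf, len);
    if (end == NULL)           /* malformed payload: reject, do not dereference */
        return -1;
    return (int)(end - buf);
}

/* Copies the text before the marker into out (NUL-terminated) and returns
 * its length, or -1 when the payload is malformed or out is too small. */
int parse_text_block(const char *buf, size_t len, char *out, size_t outlen)
{
    int textlen = text_block_length(buf, len);

    if (textlen < 0 || out == NULL || (size_t)textlen >= outlen)
        return -1;
    memcpy(out, buf, (size_t)textlen);
    out[textlen] = '\0';
    return textlen;
}

int main(void)
{
    /* Constructed sample payloads: one well formed, one lacking the marker. */
    const char good[] = "hello\n";
    const char bad[] = "no terminator here";
    char out[32];

    printf("unchecked, good payload -> %d\n",
           text_block_length_unchecked(good, sizeof good - 1));
    printf("checked,   good payload -> %d\n",
           parse_text_block(good, sizeof good - 1, out, sizeof out));
    printf("checked,   bad payload  -> %d\n",
           parse_text_block(bad, sizeof bad - 1, out, sizeof out));
    return 0;
}
```

The hardened path treats a missing marker as a malformed packet and returns an error to the caller, which is the behaviour a fixed parser should have; the unchecked variant is kept only to show, on well-formed input, how the two differ solely in the presence of the NULL test.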
CHARACTERISTICS
Identifiers: AST-2009-004, BID-35837, CVE-2009-2651,
VIGILANCE-VUL-8893
http://vigilance.fr/vulnerability/Asterisk-denial-of-service-of-RTP-8893