Vigil@nce - Asterisk: two denial of service
July 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can use two vulnerabilities of Asterisk,
in order to stop it.
Severity: 2/4
Creation date: 06/07/2012
IMPACTED PRODUCTS
– Asterisk Open Source
– Fedora
DESCRIPTION OF THE VULNERABILITY
Two denials of service were announced in Asterisk.
An authenticated attacker can force Asterisk to resend a SIP
INVITE message, then he can reply with provisional data, and close
the session. However, Asterisk does not free resources and the
port used. If an attacker repeats this operation, he can
progressively create a denial of service. [severity:1/4;
AST-2012-010, BID-54327, CVE-2012-3863]
An attacker can connect twice to the same voicemail account, in
order to force a double memory free. This error stops Asterisk,
and may lead to code execution. [severity:2/4; AST-2012-011,
BID-54317, CVE-2012-3812]
An authenticated attacker can therefore use two vulnerabilities of
Asterisk, in order to stop it.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Asterisk-two-denial-of-service-11746