Asterisk SIP Channel Driver Remote Denial of Service Vulnerability
BID:22838
Info
| Bugtraq ID: | 22838 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2007-1306 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 06 2007 12:00AM |
| Updated: | Aug 28 2007 11:02PM |
| Credit: | fbffff and Mu Security are credited with the discovery of this vulnerability. |
| Vulnerable: | SuSE Linux 10.1; Gentoo Linux; EasyVoxBox EasyVoxBox 0.005; Debian Linux 3.1 sparc; Debian Linux 3.1 s/390; Debian Linux 3.1 ppc; Debian Linux 3.1 mipsel; Debian Linux 3.1 mips; Debian Linux 3.1 m68k; Debian Linux 3.1 ia-64; Debian Linux 3.1 ia-32; Debian Linux 3.1 hppa; Debian Linux 3.1 arm; Debian Linux 3.1 amd64; Debian Linux 3.1 alpha; Debian Linux 3.1; Debian Linux 4.0 sparc; Debian Linux 4.0 s/390; Debian Linux 4.0 powerpc; Debian Linux 4.0 mipsel; Debian Linux 4.0 mips; Debian Linux 4.0 m68k; Debian Linux 4.0 ia-64; Debian Linux 4.0 ia-32; Debian Linux 4.0 hppa; Debian Linux 4.0 arm; Debian Linux 4.0 amd64; Debian Linux 4.0 alpha; Debian Linux 4.0; Asterisk Asterisk 1.2.13; Asterisk Asterisk 1.2.11; Asterisk Asterisk 1.2.11; Asterisk Asterisk 1.2.10; Asterisk Asterisk 1.2.9; Asterisk Asterisk 1.2.8; Asterisk Asterisk 1.2.7; Asterisk Asterisk 1.2.6; Asterisk Asterisk 1.2.5; Asterisk Asterisk 1.2 .0-beta2; Asterisk Asterisk 1.2 .0-beta1; Asterisk Asterisk 1.0.12; Asterisk Asterisk 1.0.11; Asterisk Asterisk 1.0.10; Asterisk Asterisk 1.0.9; Asterisk Asterisk 1.0.8; Asterisk Asterisk 1.0.7; Asterisk Asterisk 1.0.6; Asterisk Asterisk 1.0; Asterisk Asterisk 0.9 .0; Asterisk Asterisk 0.7.2; Asterisk Asterisk 0.7.1; Asterisk Asterisk 0.7 .0; Asterisk Asterisk 0.4; Asterisk Asterisk 0.3; Asterisk Asterisk 0.2; Asterisk Asterisk 0.1.11; Asterisk Asterisk 0.1.9 -1; Asterisk Asterisk 0.1.9; Asterisk Asterisk 0.1.8; Asterisk Asterisk 0.1.7; Asterisk Asterisk 1.4 Beta |
| Not Vulnerable: | EasyVoxBox EasyVoxBox 0.006; Asterisk Asterisk 1.4.1; Asterisk Asterisk 1.2.16 |
Discussion
Asterisk is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.
Asterisk versions prior to 1.2.16 and 1.4.1 are vulnerable to this issue.
Exploit / POC
To exploit this issue, attackers may use readily available network utilities.
The following denial-of-service exploit code is available:
Solution / Fix
References
- Asterisk 1.2.16 Released (Asterisk)
- Asterisk 1.4.1 Released (Asterisk)
- Release Name: EVB-0.006 (EasyVoxBox)
- Remote DOS in Asterisk SIP [MU-200703-01] (Mu Security)
- Vulnerability Note VU#228032 Asterisk unspecified remote pre-authentication DoS (US-CERT)