SB2018112617 - Gentoo update for Asterisk

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018112617

SB2018112617 - Gentoo update for Asterisk

Published: November 26, 2018

Security Bulletin ID SB2018112617
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 20% Medium 20% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2017-16671)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when setting the user field for Party B on a CDR. A remote unauthenticated attacker can send a specially-crafted request, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Memory leak (CVE-ID: CVE-2017-16672)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to memory leak in pjsip session resource. A remote unauthenticated attacker can send a specially-crafted request, exhaust available memory and cause the system to crash.



3) Improper input validation (CVE-ID: CVE-2017-17850)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists due to an error when processing malicious SIP data. A remote attacker can send specially crafted SIP data without a contact header, trigger an error in the PJSIP channel driver and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.


4) Information disclosure (CVE-ID: CVE-2018-12227)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to application responds with different error codes depending on presence of ACL rules for SIP requests. A remote attacker can identify presence of ACL rules.


5) Stack-based buffer overflow (CVE-ID: CVE-2018-17281)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing HTTP requests within "res_http_websocket.so" module. A remote unauthenticated attacker can send a specially crafted HTTP request that triggers an HTTP websocket upgrade, causes stack overflow and consumes all available stack memory on the system.

Successful exploitation of this vulnerability may result in denial of service attack.



Remediation

Install update from vendor's website.

References