Package: asterisk
Severity: grave
Tags: security
Justification: user security hole

An exploitable security problem has been found in Asterisk by Wade
Alcorn:

| There is a programming error in the function that parses commands in the
| Asterisk system. This is used by the manager interface if the user is
| allowed to submit CLI commands. The coding error can result in the
| overflow of one of the parameters of the calling function. That is, the
| command parsing function will return without error. However, the calling
| function will cause a segmentation fault.
|
| If the command string is specifically crafted, it is possible to use
| this stack overflow to execute arbitrary code on the Asterisk system.
| The resulting execution is (typically) run with root privileges.
|
| A command consisting of a recurring string of two double quotes followed
| by a tab character will induce the segmentation fault within a Call
| Manager thread.

The full advisory can be found at
http://www.bindshell.net/voip/advisory-05-013.txt

Version 1.0.8 fixes this issue.

Cheers,
        Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
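
The failure mode the quoted advisory describes, a command parser that returns cleanly while the caller's argument storage has been overrun, is what a bounds check on the argument count prevents. The following is an added example, not code from Asterisk or from the advisory; the fixed-size argv layout, the function names and the limits are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARGS 8      /* constructed limit for this example */
#define MAX_LINE 256    /* constructed limit for this example */

/* Split s on unquoted spaces/tabs into argv[]; "" yields an empty argument.
 * Returns the argument count, or -1 if the line is too long, a quote is left
 * open, or more than max_args slots would be needed. */
int split_command(const char *s, char *buf, size_t buflen,
                  char *argv[], int max_args)
{
    int argc = 0, in_quote = 0, in_arg = 0;
    size_t out = 0;

    if (strlen(s) >= buflen)
        return -1;
    for (; *s; s++) {
        if (!in_quote && (*s == ' ' || *s == '\t')) {
            if (in_arg) { buf[out++] = '\0'; in_arg = 0; }
            continue;
        }
        if (!in_arg) {
            if (argc >= max_args)   /* check before storing the pointer */
                return -1;
            argv[argc++] = &buf[out];
            in_arg = 1;
        }
        if (*s == '"')
            in_quote = !in_quote;
        else
            buf[out++] = *s;
    }
    if (in_quote)
        return -1;
    if (in_arg)
        buf[out] = '\0';
    return argc;
}

/* Hypothetical caller: argv lives in a fixed-size array on its own stack. */
int count_args(const char *line)
{
    char buf[MAX_LINE];
    char *argv[MAX_ARGS];
    return split_command(line, buf, sizeof buf, argv, MAX_ARGS);
}
```

Each empty quoted pair costs three input bytes but one argv slot, so a length limit on the command line alone does not bound the number of arguments; the count has to be checked where the pointer is stored.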

