Your message dated Fri, 1 Jul 2005 23:32:32 +0100 with message-id <[EMAIL PROTECTED]> and subject line Fwd: asterisk_1.0.9.dfsg-1_i386.changes ACCEPTED has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 23 Jun 2005 09:38:31 +0000
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: asterisk: Buffer overflow in command line parser
Date: Thu, 23 Jun 2005 11:38:17 +0200

Package: asterisk
Severity: grave
Tags: security
Justification: user security hole

An exploitable security problem has been found in Asterisk by Wade Alcorn:

| There is a programming error in the function that parses commands in the
| Asterisk system. This is used by the manager interface if the user is
| allowed to submit CLI commands. The coding error can result in the
| overflow of one of the parameters of the calling function. That is, the
| command parsing function will return without error. However, the calling
| function will cause a segmentation fault.
|
| If the command string is specifically crafted, it is possible to use
| this stack overflow to execute arbitrary code on the Asterisk system.
| The resulting execution is (typically) run with root privileges.
|
| A command consisting of a recurring string of two double quotes followed
| by a tab character will induce the segmentation fault within a Call
| Manager thread.

The full advisory can be found at
http://www.bindshell.net/voip/advisory-05-013.txt

Version 1.0.8 fixes this issue.

Cheers,
        Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

---------------------------------------
Received: (at 315532-done) by bugs.debian.org; 1 Jul 2005 22:31:28 +0000
From: Mark Purcell <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Fwd: asterisk_1.0.9.dfsg-1_i386.changes ACCEPTED
Date: Fri, 1 Jul 2005 23:32:32 +0100

New upstream release fixes both of these issues.

Mark

----------  Forwarded message  ----------
From: Debian Installer <[EMAIL PROTECTED]>
To: Mark Purcell <[EMAIL PROTECTED]>, Debian VoIP Team <[EMAIL PROTECTED]>
Subject: asterisk_1.0.9.dfsg-1_i386.changes ACCEPTED
Date: Fri, 01 Jul 2005 18:17:10 -0400

Accepted:
asterisk-config_1.0.9.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-config_1.0.9.dfsg-1_all.deb
asterisk-dev_1.0.9.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-dev_1.0.9.dfsg-1_all.deb
asterisk-doc_1.0.9.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-doc_1.0.9.dfsg-1_all.deb
asterisk-gtk-console_1.0.9.dfsg-1_i386.deb
  to pool/main/a/asterisk/asterisk-gtk-console_1.0.9.dfsg-1_i386.deb
asterisk-h323_1.0.9.dfsg-1_i386.deb
  to pool/main/a/asterisk/asterisk-h323_1.0.9.dfsg-1_i386.deb
asterisk-sounds-main_1.0.9.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-sounds-main_1.0.9.dfsg-1_all.deb
asterisk-web-vmail_1.0.9.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-web-vmail_1.0.9.dfsg-1_all.deb
asterisk_1.0.9.dfsg-1.diff.gz
  to pool/main/a/asterisk/asterisk_1.0.9.dfsg-1.diff.gz
asterisk_1.0.9.dfsg-1.dsc
  to pool/main/a/asterisk/asterisk_1.0.9.dfsg-1.dsc
asterisk_1.0.9.dfsg-1_i386.deb
  to pool/main/a/asterisk/asterisk_1.0.9.dfsg-1_i386.deb
asterisk_1.0.9.dfsg.orig.tar.gz
  to pool/main/a/asterisk/asterisk_1.0.9.dfsg.orig.tar.gz

Announcing to debian-devel-changes@lists.debian.org
Closing bugs: 315578

Thank you for your contribution to Debian.
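
The failure class described in the advisory quoted in the bug report above, as an added example in C (not Asterisk's code and not part of the original mails): a quote-aware tokenizer that stores argument pointers in a fixed-size array owned by its caller, with every path that starts an argument routed through one bound check. The names `split_args`, `probe`, `MAX_ARGS` and `REPS`, the capacity of 16, and the assumption that the overflowed parameter is such an argument array are all illustrative.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARGS 16   /* assumed capacity of the caller's argv[] */
#define REPS 100      /* repetitions in the constructed input */

/* Split s in place, honouring double quotes (no escapes). Stores at most
 * max-1 pointers plus NULL in argv[]; returns the arguments found in s. */
size_t split_args(char *s, char *argv[], size_t max, size_t *stored) {
    size_t found = 0, kept = 0;
    int quoted = 0, in_space = 1;
    char *out = s;                    /* text is compacted as quotes are dropped */
    if (max == 0) { *stored = 0; return 0; }
    for (; *s; s++) {
        int starts_arg = 0, copy = 0;
        if (*s == '"') {
            quoted = !quoted;
            starts_arg = quoted && in_space;  /* "" after whitespace: empty argument */
        } else if ((*s == ' ' || *s == '\t') && !quoted) {
            if (!in_space) *out++ = '\0';     /* terminate the current argument */
            in_space = 1;
        } else {
            starts_arg = in_space;
            copy = 1;
        }
        if (starts_arg) {                     /* one bound check for every path */
            found++;
            if (kept + 1 < max) argv[kept++] = out;
            in_space = 0;
        }
        if (copy) *out++ = *s;
    }
    *out = '\0';
    argv[kept] = NULL;
    *stored = kept;
    return found;
}

/* Constructed input: REPS repetitions of two double quotes and a tab. */
size_t probe(size_t *stored) {
    char buf[3 * REPS + 1], *argv[MAX_ARGS];
    for (size_t i = 0; i < REPS; i++) memcpy(buf + 3 * i, "\"\"\t", 3);
    buf[3 * REPS] = '\0';
    return split_args(buf, argv, MAX_ARGS, stored);
}

int main(void) {
    size_t stored, found = probe(&stored);
    printf("arguments in input: %zu, stored: %zu of %d slots\n", found, stored, MAX_ARGS);
    return 0;
}
```

A return value larger than `*stored` tells the caller the command was truncated, so it can reject the command instead of acting on a partial argument list.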