retitlle 618790 asterisk: AST-2011-005: File Descriptor Resource Exhaustion
through TCP
thanks
As you may have noticed, this issue was not yet fixed. Here's a quick
update:
On Fri, Mar 18, 2011 at 02:14:20PM +0000, Tzafrir Cohen wrote:
> Package: asterisk
> Version: 1:1.6.2.9-2+squeeze2
> Justification: AST-2011-003: Resource exhaustion in Asterisk Manager Interface
> Severity: serious
> Tags: security patch upstream
>
> Rapidly opening manager connections, sending invalid data, and closing the
> connection can cause Asterisk to exhaust available CPU and memory resources.
Looking further into the issue, I realised that the fix they put there
(break the connection in case of a failed write) does not help a bit.
The real issue is that you can just open a connection, wait as long as
you want, and consume a file descriptor from Asterisk in the process.
I approached Digium with this. They took my initial fix, improved it and
started testing it. Only to realise that this also applies to other
TCP services. Which meant more patching and more testing.
While they were at it, they realised that the test in the Asterisk code
for the "system" privs in the manager interface is missing altogether in
1.4 and misses an important case in later versions. If you'll look at
the patch in it for Squeeze you'll see that Debian was missing one other
case that was already fixed upstream of some revered logic.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.co...@xorcom.com
+972-50-7952406 mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
