Update Protection against Asterisk Buffer Overflow Vulnerabilities
|Check Point Reference:||CPAI-2008-210|
|Protection Provided by:||
Who is Vulnerable?
Asterisk Open Source 1.4.x before 18.104.22.168 and 1.4.19-rc3
Astersik Open Source 1.6.x before 1.6.0-beta6
Asterisk Business Edition C.x.x before C.1.6.1
AsteriskNOW 1.0.x before 1.0.2
Asterisk Appliance Developer Kit before 1.4 revision 109386
s800i 1.1.x before 22.214.171.124
Two buffer overflow vulnerabilities have been reported in the RTP payload handling code of Asterisk that could allow remote attackers to execute arbitrary code.
Two fixes have been added to check the provided data to ensure it does not exceed static buffer sizes.
A vulnerability in Asterisk could allow remote attackers to execute a buffer overflow by writing a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c.
A second vunerability in Asterisk could allow remote attackers to execute arbitrary code by writing certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c.
To configure the defense, select your product from the list below and follow the related protection steps.
IPS-1 and IPS-1 NGX R65
How Can I Protect My Network?
Networks can be protected from potential exploits of this buffer overflow vulnerability by updating IPS-1 sensors with this protection.
How Do I Know if My Network is Under Attack?
A sip_digium:cve_2008_1289_count_alert will be generated when the first buffer overflow vulnerability is being exploited.
A sip_digium:cve_2008_1289_number_alert will be generated when the second vulnerability being exploited.