Credit:
The information has been provided by Tim Panton, Mexuar and Birgit Arkesteijn, Westhawk.
The original article can be found at: http://ftp.digium.com/pub/asa/ASA-2007-013.pdf
Vulnerable Systems:
* Asterisk Open Source versions prior to 1.2.19
* Asterisk Open Source versions prior to 1.4.4
* Asterisk Business Edition versions A.x.x
* Asterisk Business Edition versions prior to B.2.1
* AsteriskNOW versions prior to and including Beta 5
* Asterisk Appliance Developer Kit versions prior to 0.4.1
Immune Systems:
* Asterisk Open Source version 1.2.19
* Asterisk Open Source version 1.4.4
* Asterisk Business Edition version B.2.1
* AsteriskNOW version Beta 6
* Asterisk Appliance Developer Kit version 0.4.1
chan_iax2 assumes that the content of a text frame is a null-terminated (C-style) string, and when the time comes to forward the string it uses strlen to determine the message length. If you send a frame without a 0 byte in it, Asterisk forwards a frame that includes the sent data plus some extra (presumably heap) data. If an attacker were lucky, the extra data could contain something interesting. Conceivably, it could also cause a segmentation violation.
Resolution:
Asterisk code has been modified to enforce null-termination of incoming text frames received by the IAX2 channel driver (chan_iax2). When text frames are received without null-termination, this may result in the last byte of data in the frame being lost, if the IAX2 reception process does not have space in its receive buffer to add a null character.
As this vulnerability is of 'low' severity, it does not justify new releases of Asterisk solely for mitigating its impact. The fix for this vulnerability has been committed to the Asterisk Subversion source code repositories and is available to all users who wish to upgrade to a prerelease checkout of the respective development branch for their release series of Asterisk. All other users can upgrade when the next regularly scheduled release of their product is produced.
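The strlen over-read described above and the termination rule from the Resolution, as an added C example that is not Asterisk's code. The buffer size, function names and frame contents are constructed for illustration, and stale bytes in a local array stand in for adjacent heap data.

```c
#include <stdio.h>
#include <string.h>

#define RXBUF 16  /* constructed receive-buffer size, not Asterisk's */

/* Length the forwarder would use if it trusts strlen() on the payload
 * (the behaviour the advisory describes as vulnerable). */
size_t forward_len_unchecked(const unsigned char *buf)
{
    return strlen((const char *)buf);
}

/* Enforce termination on receipt, as the resolution describes: write a
 * NUL right after the payload, or over the last payload byte when the
 * payload fills the buffer. Returns the length that will be forwarded. */
size_t terminate_text_frame(unsigned char *buf, size_t bufsize, size_t datalen)
{
    if (bufsize == 0)
        return 0;
    if (datalen >= bufsize)
        datalen = bufsize - 1;      /* no room: last byte is lost */
    buf[datalen] = '\0';
    return strlen((const char *)buf);
}

/* Constructed scenario: the buffer still holds bytes from earlier
 * traffic, then a text frame with no 0 byte in it is copied in. */
size_t demo(int hardened, size_t framelen)
{
    unsigned char rx[RXBUF + 1];
    memset(rx, 'S', RXBUF);          /* stale data standing in for heap */
    rx[RXBUF] = '\0';                /* guard so strlen stays in bounds */
    memcpy(rx, "HELLOHELLOHELLOH", framelen);  /* framelen <= RXBUF */
    return hardened ? terminate_text_frame(rx, RXBUF, framelen)
                    : forward_len_unchecked(rx);
}

int main(void)
{
    printf("unchecked, 5-byte frame: %zu bytes forwarded\n", demo(0, 5));
    printf("hardened, 5-byte frame:  %zu bytes forwarded\n", demo(1, 5));
    printf("hardened, full buffer:   %zu bytes forwarded\n", demo(1, RXBUF));
    return 0;
}
```

The unchecked path reports 16 bytes for a 5-byte frame because the measured length runs on into the stale data; the full-buffer case shows the one-byte loss the Resolution mentions.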
CVE Information:
CVE-2007-2488