Credit:
The information has been provided by Mark Michelson.
The original article can be found at: http://downloads.digium.com/pub/security/AST-2008-009.pdf
Vulnerable Systems:
* Asterisk Addons versions prior to 1.2.9
* Asterisk Addons versions prior to 1.4.7
Immune Systems:
* Asterisk Addons version 1.2.9
* Asterisk Addons version 1.4.7
The ooh323 channel driver provided in Asterisk Addons used a TCP connection to pass commands between its own components. The payload of these command packets included the addresses of memory that the receiving command handler was to free after processing the command. Because the handler trusted those addresses as received, anyone able to write arbitrary data to the listening TCP socket could make it call free() on an attacker-chosen or garbage pointer, an almost certain crash. The problem was made worse by the fact that the listening TCP socket was bound to whatever IP address was specified by the "bindaddr" option in ooh323.conf, so the socket could be reachable from the network rather than only from the local host.
Resolution:
The TCP connection used by ooh323 has been replaced with a pipe. A pipe has no network-reachable endpoint, so data from outside the ooh323 process cannot be injected into the command channel.
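The pattern described in the two sections above, as an added illustration that is not code from Asterisk Addons or the ooh323 driver: a command message that carries a raw pointer which the reader is expected to free, beside a hardened version that moves the channel to an in-process pipe(2) and replaces the pointer with an index into a table the handler itself owns and validates. The struct layouts, the function names and the slot table are assumptions made for this example; the advisory does not describe the real ooh323 message format.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumed message layout for the vulnerable pattern: the payload carries a
 * heap address that the receiving handler is expected to free(). */
struct cmd_msg {
    uint32_t type;
    void    *data;          /* pointer copied straight from the wire */
};

/* Vulnerable handler: whatever arrives on the socket is treated as a valid
 * heap pointer. If the socket is reachable (bindaddr on a real interface),
 * an attacker chooses m.data and free() runs on garbage. Shown for contrast
 * only; never feed it untrusted bytes. */
int handle_cmd_vulnerable(const unsigned char *buf, size_t len)
{
    struct cmd_msg m;
    if (len < sizeof m)
        return -1;
    memcpy(&m, buf, sizeof m);
    free(m.data);           /* crash or heap corruption on forged input */
    return 0;
}

/* Hardened pattern (assumed design): the message names a slot in a
 * process-local table instead of a raw address, and the handler frees only
 * what it registered itself. Unknown or out-of-range slots are rejected. */
#define MAX_PENDING 16
static void *pending[MAX_PENDING];

struct cmd_msg_safe {
    uint32_t type;
    uint32_t slot;          /* opaque handle, not a pointer */
};

/* Register a buffer for later release; returns its slot or -1 if full. */
int cmd_alloc_slot(void *p)
{
    for (int i = 0; i < MAX_PENDING; i++) {
        if (pending[i] == NULL) {
            pending[i] = p;
            return i;
        }
    }
    return -1;
}

/* Returns 0 on success, -1 on a malformed or forged message. */
int handle_cmd_safe(const unsigned char *buf, size_t len)
{
    struct cmd_msg_safe m;
    if (len != sizeof m)
        return -1;
    memcpy(&m, buf, sizeof m);
    if (m.slot >= MAX_PENDING || pending[m.slot] == NULL)
        return -1;          /* handle not issued by this process */
    free(pending[m.slot]);
    pending[m.slot] = NULL;
    return 0;
}

/* Send one command through an in-process pipe and process it on the read
 * end, the shape of the fix in the advisory: no listening socket exists, so
 * only code inside the process can write a message. Returns 0 on success. */
int run_pipe_roundtrip(void)
{
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    void *p = malloc(64);
    int slot = cmd_alloc_slot(p);
    if (slot < 0) {
        free(p);
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    struct cmd_msg_safe m = { .type = 1, .slot = (uint32_t)slot };
    ssize_t w = write(fds[1], &m, sizeof m);
    unsigned char buf[sizeof m];
    ssize_t n = read(fds[0], buf, sizeof buf);
    close(fds[0]);
    close(fds[1]);
    if (w != (ssize_t)sizeof m || n != (ssize_t)sizeof m)
        return -1;
    return handle_cmd_safe(buf, (size_t)n);
}
```

The slot table is an extra layer beyond what the advisory says was done; the pipe alone removes the network exposure, while the handle table also protects against a malformed message produced by a bug inside the process.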
CVE Information:
CVE-2008-2543