Log messages written through the Asterisk ast_verbose logging API call are not handled as a character string; they are interpreted as a printf-style format string. Likewise, output produced by the Manager "command" action is not appended to the resulting response message as a character string; it is appended as a format string. In both cases an attacker who controls the input can supply a string containing format directives, which can cause a crash.
Credit:
The information has been provided by Joshua Colp.
The original article can be found at: http://downloads.digium.com/pub/security/AST-2008-004.html
Vulnerable Systems:
* Asterisk Open Source versions prior to 1.6.0-beta6
Immune Systems:
* Asterisk Open Source version 1.6.0-beta6
Resolution:
Input given to both the ast_verbose logging API call and astman_append function is now interpreted as a character string and not as a format string.
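The following is an added illustration of the bug class and its fix, not code from Asterisk: a variadic logging wrapper (hypothetical verbose_log, standing in for ast_verbose) is called once with the untrusted message as the format and once with a fixed "%s" format and the message as an argument. The safe form copies '%' sequences literally; the unsafe form interprets them.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Output buffer so the logged text can be inspected by the caller. */
static char log_buf[256];

/* Hypothetical stand-in for a printf-style logging API such as
 * ast_verbose(): the first argument is always treated as a format. */
static void verbose_log(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(log_buf, sizeof log_buf, fmt, ap);
    va_end(ap);
}

/* Vulnerable pattern: untrusted text is passed as the format string, so
 * any '%' directives it contains are interpreted by vsnprintf. Only call
 * this with directive-free input; "%s"/"%n" here is undefined behaviour. */
void log_message_unsafe(const char *msg)
{
    verbose_log(msg);            /* BUG: msg is used as the format */
}

/* Fixed pattern (what the advisory's resolution describes): the format is
 * a constant "%s" and the message is an ordinary argument. */
void log_message_safe(const char *msg)
{
    verbose_log("%s", msg);
}

const char *last_log(void)
{
    return log_buf;
}

int main(void)
{
    /* Constructed sample of attacker-style input; only the safe path
     * is exercised with it. */
    const char *untrusted = "caller id %s%s%s%n";
    log_message_safe(untrusted);
    printf("logged literally: %s\n", last_log());
    return 0;
}
```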
Bugs:
The following two bug reports provide more information about this vulnerability:
http://bugs.digium.com/view.php?id=12205
http://bugs.digium.com/view.php?id=12206
CVE Information:
CVE-2008-1333