Denial of Service : Asterisk DoS Vulnerability (AST-2021-005)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.145420

Categoría: Denial of Service

Título: Asterisk DoS Vulnerability (AST-2021-005)

Resumen: Asterisk is prone to a denial of service vulnerability in the; PJSIP channel driver.

Descripción: Summary:
Asterisk is prone to a denial of service vulnerability in the
PJSIP channel driver.

Vulnerability Insight:
Given a scenario where an outgoing call is placed from Asterisk
to a remote SIP server it is possible for a crash to occur.

The code responsible for negotiating SDP in SIP responses incorrectly assumes that SDP negotiation
will always be successful. If a SIP response containing an SDP that can not be negotiated is
received a subsequent SDP negotiation on the same call can cause a crash.

If the 'accept_multiple_sdp_answers' option in the 'system' section of pjsip.conf is set to 'yes'
then any subsequent non-forked SIP response with SDP can trigger this crash.

If the 'follow_early_media_fork' option in the 'system' section of pjsip.conf is set to 'yes' (the
default) then any subsequent SIP responses with SDP from a forked destination can trigger this
crash.

If a 200 OK with SDP is received from a forked destination it can also trigger this crash, even if
the 'follow_early_media_fork' option is not set to 'yes'.

In all cases this relies on a race condition with tight timing where the second SDP negotiation
occurs before termination of the call due to the initial SDP negotiation failure.

Affected Software/OS:
Asterisk Open Source 13.x, 16.x, 17.x, 18.x and 16.x Certified
Asterisk.

Solution:
Update to version 13.38.2, 16.16.1, 17.9.2, 18.2.1, 16.8-cert6
or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-26906
http://seclists.org/fulldisclosure/2021/Feb/61
http://packetstormsecurity.com/files/161477/Asterisk-Project-Security-Advisory-AST-2021-005.html
https://downloads.asterisk.org/pub/security/

Copyright Copyright (C) 2021 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.145420
Categoría:	Denial of Service
Título:	Asterisk DoS Vulnerability (AST-2021-005)
Resumen:	Asterisk is prone to a denial of service vulnerability in the; PJSIP channel driver.
Descripción:	Summary: Asterisk is prone to a denial of service vulnerability in the PJSIP channel driver. Vulnerability Insight: Given a scenario where an outgoing call is placed from Asterisk to a remote SIP server it is possible for a crash to occur. The code responsible for negotiating SDP in SIP responses incorrectly assumes that SDP negotiation will always be successful. If a SIP response containing an SDP that can not be negotiated is received a subsequent SDP negotiation on the same call can cause a crash. If the 'accept_multiple_sdp_answers' option in the 'system' section of pjsip.conf is set to 'yes' then any subsequent non-forked SIP response with SDP can trigger this crash. If the 'follow_early_media_fork' option in the 'system' section of pjsip.conf is set to 'yes' (the default) then any subsequent SIP responses with SDP from a forked destination can trigger this crash. If a 200 OK with SDP is received from a forked destination it can also trigger this crash, even if the 'follow_early_media_fork' option is not set to 'yes'. In all cases this relies on a race condition with tight timing where the second SDP negotiation occurs before termination of the call due to the initial SDP negotiation failure. Affected Software/OS: Asterisk Open Source 13.x, 16.x, 17.x, 18.x and 16.x Certified Asterisk. Solution: Update to version 13.38.2, 16.16.1, 17.9.2, 18.2.1, 16.8-cert6 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-26906 http://seclists.org/fulldisclosure/2021/Feb/61 http://packetstormsecurity.com/files/161477/Asterisk-Project-Security-Advisory-AST-2021-005.html https://downloads.asterisk.org/pub/security/
Copyright	Copyright (C) 2021 Greenbone AG