Asterisk Project Security Advisory - When Asterisk registers to a SIP TLS device and and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null byte after the portion of the common name that Asterisk expected.
b08ef4b3d0f8ba0061a7cd3e5a8e37967a3286590dcc31a21c17c24ecb06371eAsterisk Project Security Advisory - The Asterisk module res_pjsip_acl provides the ability to configure ACLs that may be used to reject SIP requests from various hosts. In affected versions of Asterisk, this module fails to create and apply ACLs defined in pjsip.conf. This may be worked around by reloading res_pjsip manually after res_pjsip_acl is loaded.
b3b03fb6b4fdfbb86b064255aefc3988d26b8846fa6491e95caf916c96308e46Asterisk Project Security Advisory - Manager users can execute arbitrary shell commands with the MixMonitor manager action. Asterisk does not require system class authorization for a manager user to use the MixMonitor action, so any manager user who is permitted to use manager commands can potentially execute shell commands as the user executing the Asterisk process.
930cf84fa176bf5c4db20b34cce8c5d33a35ed70742265a86ef2b9f3ab699974Asterisk Project Security Advisory - The format attribute resource for h264 video performs an unsafe read against a media attribute when parsing the SDP. The vulnerable parameter can be received as strings of an arbitrary length and Asterisk attempts to read them into limited buffer spaces without applying a limit to the number of characters read. If a message is formed improperly, this could lead to an attacker being able to execute arbitrary code remotely.
6dbcc321fa05a34d90ae2594f9ee9d1f4e3a55fa0610c69189ee26ee7c7e8f70Asterisk Project Security Advisory - A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any functions or applications that run system commands.
98ea67fda37608ee4b744ee6c51c819b2fd3cdd1838c33bc4c08c48b26462701Asterisk Project Security Advisory - If a remote user initiates a SIP call and the recipient picks up, the remote user can reply with a malformed Contact header that Asterisk will improperly handle and cause a crash due to a segmentation fault.
c571c19d564846b6e1ecb5b41d7e710e95aaede9cc69e13f64613da97587d97d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed