AERAsec - Network Security - Current Security Messages

Most of the links lead to the corresponding files at CERT or other organisations. So changes take place immediately, especially which patches should be installed or which changes in the configuration should be made to avoid this vulnerability. Some of the files are transferred by FTP.

By the way: If we're not publishing well-known risks inheritant in any widely used platform or program that doesn't mean this particular platform or program is safe to use!

Here you find our network security search engine!

This is some information you send:
Your Browser	CCBot/2.0
Your IP address	ec2-184-72-184-104.compute-1.amazonaws.com [184.72.184.104]
Your referer	(filtered or not existing)

Current month, Last month, Last 10 messages, Last 20 messages (index only)

Chosen message with ID ae-200806-006

System:	Some
Topic:	Vulnerabilities in Asterisk
Links:	AST-2008-008, CVE-2008-2119 ESB-2008.0579, AST-2008-009, CVE-2008-2543 ESB-2008.0587,
ID:	ae-200806-006

During pedantic SIP processing the From header value is passed to the ast_uri_decode function to be decoded. In two instances it is possible for the code to cause a crash as the From header value is not checked to be non-NULL before being passed to the function.
The ooh323 channel driver provided in Asterisk Addons used a TCP connection to pass commands internally. The payload of these packets included addresses of memory which were to be freed after the command was processed. By sending arbitrary data to the listening TCP socket, one could cause an almost certain crash since the command handler would attempt to free invalid memory. This problem was made worse by the fact that the listening TCP socket was bound to whatever IP address was specified by the "bindaddr" option in ooh323.conf
Fixed software is available now.