FreeBSD : Asterisk -- multiple vulnerabilities (40544e8c-9f7b-11e0-9bec-6c626dd55a41)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Asterisk Development Team reports :

AST-2011-008: If a remote user sends a SIP packet containing a NULL,
Asterisk assumes available data extends past the null to the end of
the packet when the buffer is actually truncated when copied. This
causes SIP header parsing to modify data past the end of the buffer
altering unrelated memory structures. This vulnerability does not
affect TCP/TLS connections.

AST-2011-009: A remote user sending a SIP packet containing a Contact
header with a missing left angle bracket causes Asterisk to access a
NULL pointer.

AST-2011-010: A memory address was inadvertently transmitted over the
network via IAX2 via an option control frame and the remote party
would try to access it.

Possible enumeration of SIP users due to differing authentication
responses.

See also :

http://downloads.asterisk.org/pub/security/AST-2011-008.html
http://downloads.asterisk.org/pub/security/AST-2011-009.html
http://downloads.asterisk.org/pub/security/AST-2011-010.html
http://downloads.asterisk.org/pub/security/AST-2011-011.html
http://www.nessus.org/u?132cf7c2

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 55430

Bugtraq ID:

CVE ID: CVE-2011-2529, CVE-2011-2535, CVE-2011-2536
