Asterisk PJSIP Channel Driver Multiple DoS Vulnerabilities (AST-2014-005 / AST-2014-008)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

A telephony application running on the remote host is affected by
multiple denial of service vulnerabilities.

Description :

According to the version in its SIP banner, the version of Asterisk
running on the remote host is potentially affected by the following
denial of service vulnerabilities in the PJSIP channel driver :

- A flaw exists in the publish / subscribe framework when
an attempt to unsubscribe is made when not already
subscribed. A remote attacker could exploit this flaw
to cause a denial of service. (CVE-2014-4045)

- A flaw exists when handling a SIP transaction timeout
which may cause SIP traffic to not be processed. This
could allow a remote, authenticated attacker subscribe
to a resource in Asterisk and immediately disconnect,
resulting in a denial of service. (CVE-2014-4048)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://downloads.asterisk.org/pub/security/AST-2014-005.html
http://downloads.asterisk.org/pub/security/AST-2014-008.html
http://www.nessus.org/u?d949b72e
https://issues.asterisk.org/jira/browse/ASTERISK-23489
https://issues.asterisk.org/jira/browse/ASTERISK-23802
http://www.nessus.org/u?12bda26e

Solution :

Upgrade to Asterisk 12.3.1 or apply the appropriate patch listed in
the Asterisk advisory.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 76089 ()

Bugtraq ID: 68032
68033

CVE ID: CVE-2014-4045
CVE-2014-4048

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now