Asterisk chan_sip Overlap Dialing Feature DoS (AST-2016-007)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

A telephony application running on the remote host is affected by a
denial of service vulnerability.

Description :

According to its SIP banner, the version of Asterisk running on the
remote host is 11.x prior to 11.23.1, 13.x prior to 13.11.1,
11.6-certx prior to 11.6-cert15, or 13.8-certx prior to 13.8-cert3. It
is, therefore, affected by a flaw in the overlap dialing feature in
chan_sip due to a failure to release old RTP resources before
allocating new ones. An unauthenticated, remote attacker can exploit
this to exhaust available RTP ports and stop new RTP sessions from
being created, resulting in a denial of service condition. This
vulnerability only affects installations using the overlap dialing
support feature.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.

See also :

http://downloads.asterisk.org/pub/security/AST-2016-007.html
http://seclists.org/fulldisclosure/2016/Sep/16
https://issues.asterisk.org/jira/browse/ASTERISK-26272

Solution :

Upgrade to Asterisk version 11.23.1 / 13.11.1 / 11.6-cert15 /
13.8-cert3 or later. Alternatively, disable the overlap dialing
support feature.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 93534 ()

Bugtraq ID: 92888

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now