Asterisk IAX2 FWDOWNL Request Spoofing Remote DoS

Medium Nessus Plugin ID 33564

Synopsis

The remote VoIP service can be abused to conduct an amplification attack against third-party hosts.

Description

The firmware download protocol implemented in the version of Asterisk running on the remote host does not initiate a handshake. By spoofing an IAX2 FWDOWNL request, an unauthenticated, remote attacker may be able to leverage this issue to flood a third-party host with unwanted firmware packets from the affected host.

Solution

Upgrade to Asterisk Open Source 1.4.21.2 / 1.2.30, Asterisk Business Edition C.2.0.3 / C.1.10.3 / B.2.5.4, s800i (Asterisk Appliance) 1.2.0.1 or later.

See Also

http://downloads.digium.com/pub/security/AST-2008-011.html

https://www.securityfocus.com/archive/1/494676/30/0/threaded

Plugin Details

Severity: Medium

ID: 33564

File Name: asterisk_iax2_spoofed_fwdownl.nasl

Version: 1.17

Type: remote

Published: 2008/07/24

Modified: 2018/11/15

Dependencies: 20834

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:asterisk:open_source

Required KB Items: Services/udp/iax2

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/07/22

Reference Information

CVE: CVE-2008-3264

BID: 30350

Secunia: 31178

CWE: 287