GLSA-200905-01 : Asterisk: Multiple vulnerabilities

High Nessus Plugin ID 38677

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200905-01 (Asterisk: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in the IAX2 channel driver when performing the 3-way handshake (CVE-2008-1897), when handling a large number of POKE requests (CVE-2008-3263), when handling authentication attempts (CVE-2008-5558) and when handling firmware download (FWDOWNL) requests (CVE-2008-3264). Asterisk does also not correctly handle SIP INVITE messages that lack a 'From' header (CVE-2008-2119), and responds differently to a failed login attempt depending on whether the user account exists (CVE-2008-3903, CVE-2009-0041).
Impact :

Remote unauthenticated attackers could send specially crafted data to Asterisk, possibly resulting in a Denial of Service via a daemon crash, call-number exhaustion, CPU or traffic consumption. Remote unauthenticated attackers could furthermore enumerate valid usernames to facilitate brute-force login attempts.
Workaround :

There is no known workaround at this time.

Solution

All Asterisk users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.2.32'

See Also

https://security.gentoo.org/glsa/200905-01

Plugin Details

Severity: High

ID: 38677

File Name: gentoo_GLSA-200905-01.nasl

Version: 1.15

Type: local

Published: 2009/05/04

Updated: 2018/07/11

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:asterisk, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/05/02

Reference Information

CVE: CVE-2008-1897, CVE-2008-2119, CVE-2008-3263, CVE-2008-3264, CVE-2008-3903, CVE-2008-5558, CVE-2009-0041

BID: 28901, 33174

GLSA: 200905-01

CWE: 20, 200, 287, 399