Signature Detail
Short Name |
VOIP:SIP:OVERFLOW:T-38-SDP-OF |
|---|---|
Severity |
High |
Recommended |
No |
Category |
VOIP |
Release Date |
2007/11/21 |
Update Number |
1213 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
VOIP: SIP T.38 SDP Overflow
This signature detects attempts to exploit a known vulnerability in Asterisk SIP Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Asterisk is prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers. Successful exploits may allow an attacker to execute arbitrary machine code to compromise an affected computer or to cause denial-of-service conditions. Versions prior to Asterisk Open Source 1.4.3, AsteriskNOW Beta 6, and Asterisk Appliance Developer Kit 0.4.0 are vulnerable. NOTE: These issues occur only when 't38 fax over SIP' is enabled in 'sip.conf'.
Affected Products
- Asterisk Appliance Developers Kit 0.3.0
- Asterisk 1.4.1
- Asterisk 1.4.2
- Asterisk 1.4 Beta
- Asterisk AsteriskNow Beta 5
References
- BugTraq: 23648