Intrusion Prevention

Asterisk.T.38.Remote.Buffer.Overflow

Description

This indicates an attempt to exploit a Remote Code Execution vulnerability in Asterisk.
The vulnerability is caused by a stack-based buffer overflow in the process_sdp function in chan_sip.c. It allows remote attackers to execute arbitrary code.

Affected Products

Asterisk AsteriskNow Beta 5
Asterisk Asterisk 1.4.2
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.4 Beta
Asterisk Appliance Developers Kit 0.3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the following web sites:
Asterisk Asterisk 1.4 Beta
http://ftp.digium.com/pub/asterisk/releases/asterisk-1.4.3.tar.gz
Asterisk Asterisk 1.4.1
http://ftp.digium.com/pub/asterisk/releases/asterisk-1.4.3.tar.gz
Asterisk Asterisk 1.4.2
http://ftp.digium.com/pub/asterisk/releases/asterisk-1.4.3.tar.gz

CVE References

CVE-2007-2293