Posted: Thu Nov 08, 2007 10:28 pm Post subject: [asterisk-announce] AST-2007-024 - Fallacious security advis
Asterisk Project Security Advisory - AST-2007-024
+------------------------------------------------------------------------+
| Product | Zaptel |
|--------------------+---------------------------------------------------|
| Summary | Potential buffer overflow from command line |
| | application "sethdlc" |
|--------------------+---------------------------------------------------|
| Nature of Advisory | Buffer overflow |
|--------------------+---------------------------------------------------|
| Susceptibility | Local sessions |
|--------------------+---------------------------------------------------|
| Severity | None |
|--------------------+---------------------------------------------------|
| Exploits Known | None |
|--------------------+---------------------------------------------------|
| Reported On | October 31, 2007 |
|--------------------+---------------------------------------------------|
| Reported By | Michael Bucko <michael DOT bucko AT eleytt DOT |
| | com> |
|--------------------+---------------------------------------------------|
| Posted On | October 31, 2007 |
|--------------------+---------------------------------------------------|
| Last Updated On | November 1, 2007 |
|--------------------+---------------------------------------------------|
| Advisory Contact | Mark Michelson <mmichelson AT digium DOT com> |
|--------------------+---------------------------------------------------|
| CVE Name | CVE-2007-5690 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Description | This advisory is a response to a false security |
| | vulnerability published in several places on the |
| | Internet. Had Asterisk's developers been notified prior |
| | to its publication, there would be no need for this. |
| | |
| | There is a potential for a buffer overflow in the |
| | sethdlc application; however, running this application |
| | requires root access to the server, which means that |
| | exploiting this vulnerability gains the attacker no more |
| | advantage than what he already has. As such, this is a |
| | bug, not a security vulnerability. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Resolution | The copy of the user-provided argument to the buffer has |
| | been limited to the length of the buffer. This fix has |
| | been committed to the Zaptel 1.2 and 1.4 repositories, |
| | but due to the lack of severity, new releases will not be |
| | immediately made. |
| | |
| | While we appreciate this programming error being brought |
| | to our attention, we would encourage security researchers |
| | to contact us prior to releasing any reports of their |
| | own, both so that we can fix any vulnerability found |
| | prior to the release of an announcement, as well as |
| | avoiding these types of mistakes (and the potential |
| | embarrassment of reporting a vulnerability that wasn't) |
| | in the future. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Affected Versions |
|------------------------------------------------------------------------|
| Product | Release Series | |
|-----------------+----------------+-------------------------------------|
| Zaptel | 1.2.x | All versions prior to 1.2.22 |
|-----------------+----------------+-------------------------------------|
| Zaptel | 1.4.x | All versions prior to 1.4.7 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Corrected In |
|------------------------------------------------------------------------|
| Product | Release |
|----------------------------+-------------------------------------------|
| Zaptel | 1.2.22, when available |
|----------------------------+-------------------------------------------|
| Zaptel | 1.4.7, when available |
|----------------------------+-------------------------------------------|
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Revision History |
|------------------------------------------------------------------------|
| Date | Editor | Revisions Made |
|------------+----------------+------------------------------------------|
| 10/31/2007 | Mark Michelson | Initial release |
|------------+----------------+------------------------------------------|
| 10/31/2007 | Mark Michelson | Changed severity, description, and |
| | | resolution |
+------------------------------------------------------------------------+
Asterisk Project Security Advisory - AST-2007-024
Copyright (c) 2007 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum