Posted: Tue Mar 18, 2008 11:57 pm Post subject: [asterisk-announce] AST-2008-004: Format String Vulnerabilit
Asterisk Project Security Advisory - AST-2008-004
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Format String Vulnerability in Logger and Manager |
|--------------------+---------------------------------------------------|
| Nature of Advisory | Denial of Service |
|--------------------+---------------------------------------------------|
| Susceptibility | Remote Unauthenticated Sessions |
|--------------------+---------------------------------------------------|
| Severity | Moderate |
|--------------------+---------------------------------------------------|
| Exploits Known | No |
|--------------------+---------------------------------------------------|
| Reported On | March 13, 2008 |
|--------------------+---------------------------------------------------|
| Reported By | Steve Davies (bugs.digium.com user stevedavies) |
| | |
| | Brandon Kruse (bugs.digium.com user bkruse) |
|--------------------+---------------------------------------------------|
| Posted On | March 18, 2008 |
|--------------------+---------------------------------------------------|
| Last Updated On | March 18, 2008 |
|--------------------+---------------------------------------------------|
| Advisory Contact | Joshua Colp <jcolp@digium.com> |
|--------------------+---------------------------------------------------|
| CVE Name | CVE-2008-1333 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Description | Logging messages displayed using the ast_verbose logging |
| | API call are not displayed as a character string, they |
| | are displayed as a format string. |
| | |
| | Output as a result of the Manager command "command" is |
| | not appended to the resulting response message as a |
| | character string, it is appended as a format string. |
| | |
| | It is possible in both instances for an attacker to |
| | provide a formatted string as a value for input which |
| | can cause a crash. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Resolution | Input given to both the ast_verbose logging API call and |
| | astman_append function is now interpreted as a character |
| | string and not as a format string. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Revision History |
|------------------------------------------------------------------------|
| Date | Editor | Revisions Made |
|------------------+--------------------+--------------------------------|
| 2008-03-18 | Joshua Colp | Initial Release |
+------------------------------------------------------------------------+
Asterisk Project Security Advisory - AST-2008-004
Copyright (c) 2008 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum