Bug#610487: asterisk: AST-2011-001: buffer overflow in caller ID URI encoding
Moritz Mühlenhoff
jmm at inutil.org
Tue Jan 25 20:28:40 UTC 2011
On Tue, Jan 18, 2011 at 11:36:01PM +0000, Tzafrir Cohen wrote:
> Package: asterisk
> Version: 1:1.6.2.9-2
> Justification: user security hole
> Severity: grave
> Tags: security patch upstream
>
> *** Please type your report below this line ***
> The Asterisk project has reported security advisory ASA-2011-011
> http://downloads.asterisk.org/pub/security/AST-2011-001.html
> (No CVE ATM)
>
> "When forming an outgoing SIP request while in pedantic mode, a stack
> buffer can be made to overflow if supplied with carefully crafted caller
> ID information. "
>
> Caller ID information may be provided by remote users. The advisory details
> potential workaround in the dialplan, but applying it varies greatly on
> different configurations.
>
> Issue applies both to the Lenny and Squeeze packages. For patches:
> http://svn.debian.org/viewsvn/pkg-voip?view=rev&revision=8708 (Squeeze)
>
> http://svn.debian.org/viewsvn/pkg-voip?view=rev&revision=8711 (Lenny)
What's the status of a Squeeze upload? This should be uploaded with
the minimal fix and urgency=high.
Cheers,
Moritz
More information about the Pkg-voip-maintainers
mailing list