Bug#618791: AST-2011-004: Remote crash vulnerability in TCP/TLS server
Tzafrir Cohen
tzafrir at debian.org
Fri Mar 18 14:15:02 UTC 2011
Package: asterisk
Version: 1:1.6.2.9-2+squeeze2
Justification: user security hole
Severity: grave
Tags: security upstream patch
Rapidly opening and closing TCP connections to services using the
ast_tcptls_* API (primarily chan_sip, manager, and res_phoneprov) can
cause Asterisk to crash after dereferencing a NULL pointer.
TCP-TLS code did not exist yet in the oldstable (Lenny) version of
Asterisk.
It is not used in the default configuration, but may be quite common in
many configurations.
--
Tzafrir Cohen | tzafrir at jabber.org | VIM is
http://tzafrir.org.il | | a Mutt's
tzafrir at cohens.org.il | | best
tzafrir at debian.org | | friend