Bug#773230: asterisk: CVE-2014-9374

Tzafrir Cohen tzafrir.cohen at xorcom.com
Tue Dec 16 11:20:39 UTC 2014


On Mon, Dec 15, 2014 at 09:26:41PM +0100, Salvatore Bonaccorso wrote:
> Source: asterisk
> Version: 1:11.13.0~dfsg-1
> Severity: important
> Tags: security upstream fixed-upstream
> 
> Hi,
> 
> the following vulnerability was published for asterisk.
> 
> CVE-2014-9374[0]:
> | Double free vulnerability in the WebSocket Server (res_http_websocket
> | module) in Asterisk Open Source 11.x before 11.14.2, 12.x before 12.7.2,
> | and 13.x before 13.0.2 and Certified Asterisk 11.6 before 11.6-cert9
> | allows remote attackers to cause a denial of service (crash) by sending
> | a zero length frame after a non-zero length frame.
> 
> No description was found (try on a search engine)
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2014-9374

Upstream's page:
http://downloads.asterisk.org/pub/security/AST-2014-019.html

1.8 doesn't have websocket support and thus is not vulnerable.

Patches for this and the previous issues are now finally committed to git
(branch wheezy). Sadly I'll have to use t-p-u as Unstable has an Asterisk
13 due to my miscalculation.

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com
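The advisory text quoted above names the trigger (a zero-length frame arriving after a non-zero-length one) but says nothing about the code. The following is an added illustration and is not Asterisk's res_http_websocket code: it shows the RFC 6455 frame-reading pattern in which this class of double free arises, a single per-connection payload buffer that is reused from frame to frame, together with the release discipline that prevents it, namely freeing through one routine that also clears the pointer so that a zero-length frame leaves nothing dangling. The byte stream, the struct and function names and the bookkeeping counters are all constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define WS_MAX_PAYLOAD (1u << 20)   /* arbitrary cap for the example */

/* Per-connection state (constructed for this example). The payload buffer of
 * the most recent frame is where the bug class lives: if one code path frees it
 * without clearing the pointer, a later cleanup frees it again. */
struct ws_session {
    unsigned char *payload;
    uint64_t payload_len;
    unsigned allocs, frees;     /* bookkeeping so the balance can be checked */
};

/* The single release point: free, then NULL the pointer, so calling it twice
 * (handler cleanup, then connection teardown) is harmless. */
static void ws_release_payload(struct ws_session *s)
{
    if (s->payload) {
        free(s->payload);
        s->frees++;
    }
    s->payload = NULL;
    s->payload_len = 0;
}

/* Parse one RFC 6455 frame from buf. Returns bytes consumed, 0 if more data is
 * needed, -1 on protocol error. On success s->payload holds the unmasked
 * payload, or stays NULL for a zero-length frame. */
static long ws_read_frame(struct ws_session *s, const unsigned char *buf,
                          size_t len, uint8_t *opcode)
{
    if (len < 2) return 0;
    *opcode = buf[0] & 0x0f;
    int masked = (buf[1] & 0x80) != 0;
    uint64_t plen = buf[1] & 0x7f;
    size_t pos = 2;
    if (plen == 126) {                       /* 16-bit extended length */
        if (len < 4) return 0;
        plen = ((uint64_t)buf[2] << 8) | buf[3];
        pos = 4;
    } else if (plen == 127) {                /* 64-bit extended length */
        if (len < 10) return 0;
        plen = 0;
        for (int i = 0; i < 8; i++) plen = (plen << 8) | buf[2 + i];
        if (plen >> 63) return -1;           /* MSB must be zero (RFC 6455 5.2) */
        pos = 10;
    }
    if (plen > WS_MAX_PAYLOAD) return -1;
    unsigned char key[4] = {0, 0, 0, 0};
    if (masked) {
        if (len < pos + 4) return 0;
        memcpy(key, buf + pos, 4);
        pos += 4;
    }
    if (plen > len - pos) return 0;          /* payload not fully buffered yet */

    /* Whatever the previous frame left behind goes away exactly once, here. */
    ws_release_payload(s);
    if (plen > 0) {
        s->payload = malloc(plen);
        if (!s->payload) return -1;
        s->allocs++;
        for (uint64_t i = 0; i < plen; i++)
            s->payload[i] = buf[pos + i] ^ key[i % 4];
        s->payload_len = plen;
    }
    /* plen == 0: no allocation, pointer stays NULL, nothing to free twice. */
    return (long)(pos + plen);
}

/* Constructed sample stream (not captured from any server): a masked text frame
 * carrying "hi", then a masked zero-length text frame, then a masked close
 * frame with no payload. */
static const unsigned char sample_stream[] = {
    0x81, 0x82, 0x11, 0x22, 0x33, 0x44, 'h' ^ 0x11, 'i' ^ 0x22,
    0x81, 0x80, 0xaa, 0xbb, 0xcc, 0xdd,
    0x88, 0x80, 0x01, 0x02, 0x03, 0x04,
};

struct ws_demo_result {
    int frames, zero_length_frames;
    unsigned allocs, frees;
    char first_text[16];
};

/* Feed the stream through the reader the way a connection handler would,
 * releasing after each frame and again at teardown. */
static struct ws_demo_result ws_demo(void)
{
    struct ws_demo_result r; memset(&r, 0, sizeof r);
    struct ws_session s;     memset(&s, 0, sizeof s);
    size_t off = 0;
    while (off < sizeof sample_stream) {
        uint8_t op;
        long n = ws_read_frame(&s, sample_stream + off, sizeof sample_stream - off, &op);
        if (n <= 0) break;
        if (s.payload_len == 0) r.zero_length_frames++;
        if (r.frames == 0 && s.payload_len < sizeof r.first_text) {
            memcpy(r.first_text, s.payload, s.payload_len);
            r.first_text[s.payload_len] = '\0';
        }
        r.frames++;
        off += (size_t)n;
        ws_release_payload(&s);      /* handler is done with this frame */
    }
    ws_release_payload(&s);          /* teardown: second release, still safe */
    r.allocs = s.allocs;
    r.frees = s.frees;
    return r;
}

int main(void)
{
    struct ws_demo_result r = ws_demo();
    printf("frames=%d zero-length=%d allocs=%u frees=%u first=\"%s\"\n",
           r.frames, r.zero_length_frames, r.allocs, r.frees, r.first_text);
    return 0;
}
```

The point of the example is the ownership rule rather than the parser: every frame, including a zero-length one, passes through the same release routine, and that routine clears the pointer, so the allocation and free counts stay balanced no matter how many times cleanup runs.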



More information about the Pkg-voip-maintainers mailing list