Mailinglist Archive: opensuse-bugs (9507 mails)
| < Previous | Next > |
[Bug 372236] New: VUL-0: AST-2008-004: Format String Vulnerability in
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Wed, 19 Mar 2008 02:00:03 -0600 (MDT)
- Message-id: <bug-372236-21960@xxxxxxxxxxxxxxxxxxxxxxxxx/>
https://bugzilla.novell.com/show_bug.cgi?id=372236
Summary: VUL-0: AST-2008-004: Format String Vulnerability in
Product: openSUSE 10.2
Version: Final
Platform: Other
OS/Version: Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Security
AssignedTo: security-team@xxxxxxx
ReportedBy: mweckbecker@xxxxxxxxxx
QAContact: qa@xxxxxxx
CC: security-team@xxxxxxx
Found By: ---
Your friendly security team received the following report via full-disclosure.
Please respond ASAP.
The issue is public.
Date: Tue, 18 Mar 2008 18:32:23 -0500
From: Asterisk Security Team <security@xxxxxxxxxxxx>
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] AST-2008-004: Format String Vulnerability in
Logger and Manager
Asterisk Project Security Advisory - AST-2008-004
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Format String Vulnerability in Logger and Manager |
|--------------------+---------------------------------------------------|
| Nature of Advisory | Denial of Service |
|--------------------+---------------------------------------------------|
| Susceptibility | Remote Unauthenticated Sessions |
|--------------------+---------------------------------------------------|
| Severity | Moderate |
|--------------------+---------------------------------------------------|
| Exploits Known | No |
|--------------------+---------------------------------------------------|
| Reported On | March 13, 2008 |
|--------------------+---------------------------------------------------|
| Reported By | Steve Davies (bugs.digium.com user stevedavies) |
| | |
| | Brandon Kruse (bugs.digium.com user bkruse) |
|--------------------+---------------------------------------------------|
| Posted On | March 18, 2008 |
|--------------------+---------------------------------------------------|
| Last Updated On | March 18, 2008 |
|--------------------+---------------------------------------------------|
| Advisory Contact | Joshua Colp <jcolp@xxxxxxxxxx> |
|--------------------+---------------------------------------------------|
| CVE Name | CVE-2008-1333 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Description | Logging messages displayed using the ast_verbose logging |
| | API call are not displayed as a character string, they |
| | are displayed as a format string. |
| | |
| | Output as a result of the Manager command "command" is |
| | not appended to the resulting response message as a |
| | character string, it is appended as a format string. |
| | |
| | It is possible in both instances for an attacker to |
| | provide a formatted string as a value for input which |
| | can cause a crash. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Resolution | Input given to both the ast_verbose logging API call and |
| | astman_append function is now interpreted as a character |
| | string and not as a format string. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Affected Versions |
|------------------------------------------------------------------------|
| Product | Release | |
| | Series | |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.0.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.2.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.4.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.6.x | All versions prior to |
| | | 1.6.0-beta6 |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition | A.x.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition | B.x.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition | C.x.x | Unaffected |
|----------------------------+---------+---------------------------------|
| AsteriskNOW | 1.0.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Appliance | 0.x.x | Unaffected |
| Developer Kit | | |
|----------------------------+---------+---------------------------------|
| s800i (Asterisk Appliance) | 1.0.x | Unaffected |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Corrected In |
|------------------------------------------------------------------------|
| Product | Release |
|---------------+--------------------------------------------------------|
| Asterisk Open | 1.6.0-beta6, available from |
| Source | http://downloads.digium.com/pub/telephony/asterisk |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Links | http://bugs.digium.com/view.php?id=12205 |
| | |
| | http://bugs.digium.com/view.php?id=12206 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Asterisk Project Security Advisories are posted at |
| http://www.asterisk.org/security |
| |
| This document may be superseded by later versions; if so, the latest |
| version will be posted at |
| http://downloads.digium.com/pub/security/AST-2008-004.pdf and |
| http://downloads.digium.com/pub/security/AST-2008-004.html |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Revision History |
|------------------------------------------------------------------------|
| Date | Editor | Revisions Made |
|------------------+--------------------+--------------------------------|
| 2008-03-18 | Joshua Colp | Initial Release |
+------------------------------------------------------------------------+
Asterisk Project Security Advisory - AST-2008-004
Copyright (c) 2008 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Summary: VUL-0: AST-2008-004: Format String Vulnerability in
Product: openSUSE 10.2
Version: Final
Platform: Other
OS/Version: Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Security
AssignedTo: security-team@xxxxxxx
ReportedBy: mweckbecker@xxxxxxxxxx
QAContact: qa@xxxxxxx
CC: security-team@xxxxxxx
Found By: ---
Your friendly security team received the following report via full-disclosure.
Please respond ASAP.
The issue is public.
Date: Tue, 18 Mar 2008 18:32:23 -0500
From: Asterisk Security Team <security@xxxxxxxxxxxx>
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] AST-2008-004: Format String Vulnerability in
Logger and Manager
Asterisk Project Security Advisory - AST-2008-004
+------------------------------------------------------------------------+
| Product | Asterisk |
|--------------------+---------------------------------------------------|
| Summary | Format String Vulnerability in Logger and Manager |
|--------------------+---------------------------------------------------|
| Nature of Advisory | Denial of Service |
|--------------------+---------------------------------------------------|
| Susceptibility | Remote Unauthenticated Sessions |
|--------------------+---------------------------------------------------|
| Severity | Moderate |
|--------------------+---------------------------------------------------|
| Exploits Known | No |
|--------------------+---------------------------------------------------|
| Reported On | March 13, 2008 |
|--------------------+---------------------------------------------------|
| Reported By | Steve Davies (bugs.digium.com user stevedavies) |
| | |
| | Brandon Kruse (bugs.digium.com user bkruse) |
|--------------------+---------------------------------------------------|
| Posted On | March 18, 2008 |
|--------------------+---------------------------------------------------|
| Last Updated On | March 18, 2008 |
|--------------------+---------------------------------------------------|
| Advisory Contact | Joshua Colp <jcolp@xxxxxxxxxx> |
|--------------------+---------------------------------------------------|
| CVE Name | CVE-2008-1333 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Description | Logging messages displayed using the ast_verbose logging |
| | API call are not displayed as a character string, they |
| | are displayed as a format string. |
| | |
| | Output as a result of the Manager command "command" is |
| | not appended to the resulting response message as a |
| | character string, it is appended as a format string. |
| | |
| | It is possible in both instances for an attacker to |
| | provide a formatted string as a value for input which |
| | can cause a crash. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Resolution | Input given to both the ast_verbose logging API call and |
| | astman_append function is now interpreted as a character |
| | string and not as a format string. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Affected Versions |
|------------------------------------------------------------------------|
| Product | Release | |
| | Series | |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.0.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.2.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.4.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Open Source | 1.6.x | All versions prior to |
| | | 1.6.0-beta6 |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition | A.x.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition | B.x.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Business Edition | C.x.x | Unaffected |
|----------------------------+---------+---------------------------------|
| AsteriskNOW | 1.0.x | Unaffected |
|----------------------------+---------+---------------------------------|
| Asterisk Appliance | 0.x.x | Unaffected |
| Developer Kit | | |
|----------------------------+---------+---------------------------------|
| s800i (Asterisk Appliance) | 1.0.x | Unaffected |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Corrected In |
|------------------------------------------------------------------------|
| Product | Release |
|---------------+--------------------------------------------------------|
| Asterisk Open | 1.6.0-beta6, available from |
| Source | http://downloads.digium.com/pub/telephony/asterisk |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Links | http://bugs.digium.com/view.php?id=12205 |
| | |
| | http://bugs.digium.com/view.php?id=12206 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Asterisk Project Security Advisories are posted at |
| http://www.asterisk.org/security |
| |
| This document may be superseded by later versions; if so, the latest |
| version will be posted at |
| http://downloads.digium.com/pub/security/AST-2008-004.pdf and |
| http://downloads.digium.com/pub/security/AST-2008-004.html |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Revision History |
|------------------------------------------------------------------------|
| Date | Editor | Revisions Made |
|------------------+--------------------+--------------------------------|
| 2008-03-18 | Joshua Colp | Initial Release |
+------------------------------------------------------------------------+
Asterisk Project Security Advisory - AST-2008-004
Copyright (c) 2008 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |