CVE-2006-4346: Asterisk MGCP AUEP Response Handling Buffer Overflow


Debian Bug report logs - #385060


Reported by: Stefan Fritsch <sf@sfritsch.de>

Date: Mon, 28 Aug 2006 19:33:17 UTC

Severity: grave

Tags: security

Found in version 1.0.0-1

Fixed in version asterisk/1:1.2.11.dfsg-1

Done: Mark Purcell <msp@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#385060; Package asterisk.


Acknowledgement sent to Stefan Fritsch <sf@sfritsch.de>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>.


Message #5 received at submit@bugs.debian.org:

From: Stefan Fritsch <sf@sfritsch.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: asterisk: Asterisk MGCP AUEP Response Handling Buffer Overflow
Date: Mon, 28 Aug 2006 21:23:36 +0200
Package: asterisk
Severity: grave
Tags: security
Justification: user security hole


Hi,

according to [1] asterisk 1.2.11 fixes a buffer overflow in the asterisk MGCP
implementation that allows an attacker to execute arbitrary code.

Since I don't use asterisk, I don't know whether this is actually included in
the Debian package. Please close or adjust the severity as appropriate.

Cheers,
Stefan

[1] http://secunia.com/advisories/21600/



Information forwarded to debian-bugs-dist@lists.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#385060; Package asterisk.


Acknowledgement sent to Stefan Fritsch <sf@sfritsch.de>:
Extra info received and forwarded to list. Copy sent to Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>.


Message #10 received at 385060@bugs.debian.org:

From: Stefan Fritsch <sf@sfritsch.de>
To: 385060@bugs.debian.org
Subject: asterisk: Asterisk MGCP AUEP Response Handling Buffer Overflow
Date: Tue, 29 Aug 2006 18:15:32 +0200
retitle 385060 CVE-2006-4346: Asterisk MGCP AUEP Response Handling Buffer Overflow
thanks

CVE-2006-4346 has been assigned to this issue.



Changed Bug title. Request was from Stefan Fritsch <sf@sfritsch.de> to control@bugs.debian.org.


Tags added: pending. Request was from Mark Purcell <mark@purcell.id.au> to control@bugs.debian.org.


Reply sent to Mark Purcell <msp@debian.org>:
You have taken responsibility.


Notification sent to Stefan Fritsch <sf@sfritsch.de>:
Bug acknowledged by developer.


Message #19 received at 385060-close@bugs.debian.org:

From: Mark Purcell <msp@debian.org>
To: 385060-close@bugs.debian.org
Subject: Bug#385060: fixed in asterisk 1:1.2.11.dfsg-1
Date: Sat, 02 Sep 2006 10:17:06 -0700
Source: asterisk
Source-Version: 1:1.2.11.dfsg-1

We believe that the bug you reported is fixed in the latest version of
asterisk, which is due to be installed in the Debian FTP archive:

asterisk-bristuff_1.2.11.dfsg-1_i386.deb
  to pool/main/a/asterisk/asterisk-bristuff_1.2.11.dfsg-1_i386.deb
asterisk-classic_1.2.11.dfsg-1_i386.deb
  to pool/main/a/asterisk/asterisk-classic_1.2.11.dfsg-1_i386.deb
asterisk-config_1.2.11.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-config_1.2.11.dfsg-1_all.deb
asterisk-dev_1.2.11.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-dev_1.2.11.dfsg-1_all.deb
asterisk-doc_1.2.11.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-doc_1.2.11.dfsg-1_all.deb
asterisk-h423_1.2.11.dfsg-1_i386.deb
  to pool/main/a/asterisk/asterisk-h423_1.2.11.dfsg-1_i386.deb
asterisk-sounds-main_1.2.11.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-sounds-main_1.2.11.dfsg-1_all.deb
asterisk-web-vmail_1.2.11.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk-web-vmail_1.2.11.dfsg-1_all.deb
asterisk_1.2.11.dfsg-1.diff.gz
  to pool/main/a/asterisk/asterisk_1.2.11.dfsg-1.diff.gz
asterisk_1.2.11.dfsg-1.dsc
  to pool/main/a/asterisk/asterisk_1.2.11.dfsg-1.dsc
asterisk_1.2.11.dfsg-1_all.deb
  to pool/main/a/asterisk/asterisk_1.2.11.dfsg-1_all.deb
asterisk_1.2.11.dfsg.orig.tar.gz
  to pool/main/a/asterisk/asterisk_1.2.11.dfsg.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 385060@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mark Purcell <msp@debian.org> (supplier of updated asterisk package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat,  2 Sep 2006 13:01:02 +0100
Source: asterisk
Binary: asterisk-h423 asterisk-web-vmail asterisk asterisk-classic asterisk-dev asterisk-doc asterisk-sounds-main asterisk-bristuff asterisk-config
Architecture: source all i386
Version: 1:1.2.11.dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Changed-By: Mark Purcell <msp@debian.org>
Description: 
 asterisk   - Open Source Private Branch Exchange (PBX)
 asterisk-bristuff - Open Source Private Branch Exchange (PBX) - BRIstuff-enabled vers
 asterisk-classic - Open Source Private Branch Exchange (PBX) - original Digium versi
 asterisk-config - config files for asterisk
 asterisk-dev - development files for asterisk
 asterisk-doc - documentation for asterisk
 asterisk-h423 - asterisk H.323 VoIP channel
 asterisk-sounds-main - sound files for asterisk
 asterisk-web-vmail - Web-based (CGI) voice mail interface for Asterisk
Closes: 384283 385060
Changes: 
 asterisk (1:1.2.11.dfsg-1) unstable; urgency=high
 .
   [ Tzafrir Cohen]
   * apprecord_sprintf.dpatch: fix format string issue in app_record.so .
 .
   [ Mark Purcell ]
   * New Upstream Release
   * Urgency high as fixes CVE-2006-4346
   * CVE-2006-4346: Asterisk MGCP AUEP Response Handling Buffer
     Overflow (Closes: Bug#385060)
   * Please package Asterisk 1.2.11 and Zaptel 1.2.8 (Closes: #384283)
   * Better error handling on init.d reload, if asterisk isn't running
   * Lintian cleanup: not-binnmuable-any-depends-all
   * Lintian cleanup: not-binnmuable-all-depends-any
   * Use restart in asterisk_fix
Files: 
 1036250ae43fbf9b3244cc59146eea28 1381 comm optional asterisk_1.2.11.dfsg-1.dsc
 250cc5d8120fc566ba75a2e199f4a1c5 3863912 comm optional asterisk_1.2.11.dfsg.orig.tar.gz
 435a2e34a2c0ea608976d6a385fc6439 168193 comm optional asterisk_1.2.11.dfsg-1.diff.gz
 600d4f1221088ae762df60231204a4e0 136670 comm optional asterisk_1.2.11.dfsg-1_all.deb
 6b6d0645e451946799fead88075bd6b5 19072658 doc optional asterisk-doc_1.2.11.dfsg-1_all.deb
 0a97b63eed19da971209dd0aa9daba74 160178 devel optional asterisk-dev_1.2.11.dfsg-1_all.deb
 62d6af1dc8085ff339224efedddd96a9 1491316 comm optional asterisk-sounds-main_1.2.11.dfsg-1_all.deb
 2c6dac02dfe0081f3fe6d376d820afa1 64318 comm optional asterisk-web-vmail_1.2.11.dfsg-1_all.deb
 f1e6b59fddf83b4545c757385e55b49e 122146 comm optional asterisk-config_1.2.11.dfsg-1_all.deb
 faa15bd6124f244de47fce4b06c223a5 1641572 comm optional asterisk-classic_1.2.11.dfsg-1_i386.deb
 aab5342c9e111c032eb131afb5070c94 1671104 comm optional asterisk-bristuff_1.2.11.dfsg-1_i386.deb
 a9a905caf1182b34ad37e1aaa34a8b2e 121182 comm optional asterisk-h423_1.2.11.dfsg-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE+beooCzanz0IthIRAtApAJ9a9DyNN1Rt4eFeogBJvhanVS/8HACeJJh5
GdYwFUOBFdfBmNqkYAi1aSE=
=EUo1
-----END PGP SIGNATURE-----




Bug marked as found in version 1.0.0-1. Request was from Elizabeth Bevilacqua <lyz@princessleia.com> to control@bugs.debian.org. (Mon, 26 Mar 2007 17:27:02 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#385060; Package asterisk.


Acknowledgement sent to Mark Purcell <msp@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>.


Message #26 received at 385060@bugs.debian.org:

From: Mark Purcell <msp@debian.org>
To: Elizabeth Bevilacqua <lyz@princessleia.com>
Cc: 385060@bugs.debian.org
Subject: Re: Processed: Asterisk bug #385060
Date: Mon, 26 Mar 2007 18:39:53 +0100
Elizabeth,

Not quite sure why you raised this.

asterisk-1.0.0-1 hasn't been in Debian for a very long time, even before the current stable version.

Mark


On Monday 26 March 2007 18:27, Debian Bug Tracking System wrote:
> Processing commands for control@bugs.debian.org:
> 
> > found 385060 1.0.0-1
> Bug#385060: CVE-2006-4346: Asterisk MGCP AUEP Response Handling Buffer Overflow
> Bug marked as found in version 1.0.0-1.
> 
> > thanks
> Stopping processing here.
> 
> Please contact me if you need assistance.
> 
> Debian bug tracking system administrator
> (administrator, Debian Bugs database)
> 
> 
> _______________________________________________
> Pkg-voip-maintainers mailing list
> Pkg-voip-maintainers@lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-voip-maintainers
> 

Information forwarded to debian-bugs-dist@lists.debian.org, Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>:
Bug#385060; Package asterisk.


Acknowledgement sent to Elizabeth Bevilacqua <lyz@princessleia.com>:
Extra info received and forwarded to list. Copy sent to Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>.


Message #31 received at 385060@bugs.debian.org:

From: Elizabeth Bevilacqua <lyz@princessleia.com>
To: Mark Purcell <msp@debian.org>
Cc: 385060@bugs.debian.org
Subject: Re: Processed: Asterisk bug #385060
Date: Mon, 26 Mar 2007 14:44:27 -0400
On Mon, Mar 26, 2007 at 06:39:53PM +0100, Mark Purcell wrote:
> Not quite sure why you raised this.
> 
> asterisk-1.0.0-1 hasn't been in Debian for a very long time, even before the current stable version.

The security announcement said that versions 1.0.0 - 1.2.10 were
vulnerable. This tag ought to mark the intermediate versions, which
includes the version in sarge.



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Jun 2007 02:40:18 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:25:21 2019; Machine Name: beach
