Summary: ASTERISK-00261: [patch] Random data on port 2000 will SEGV asterisk
Reporter: theo (theo)
Labels:
Date Opened: 2003-09-12 15:17:24
Date Closed: 2004-09-25 02:52:04
Versions:
Frequency of
Environment:
Attachments: ( 0) chan_skinny_fix-1.diff
Description: Opening a connection to port 2000 while chan_skinny is enabled (by default now) will cause a SEGV if any random data is sent.

****** STEPS TO REPRODUCE ******

telnet to port 2000 of an installation of asterisk with chan_skinny running, and just send a few random chars. Asterisk will then SEGV.


Attached is a diff to at least stop any random data; carefully crafted data will probably still kill asterisk :/

There are a number of other bugs like this in chan_skinny, maybe disable it by default until all these sorts of bugs have been fixed, for security reasons?  (btw - chan_sccp suffers from a similar problem right now, too :/).
Comments:

By: jerjer (jerjer) 2003-09-13 18:44:05

Merged into cvs. Thank you. I hadn't gotten around to bullet proofing the socket, as I'm not very skilled at socket programming.

Any suggestions on how to protect against that "carefully crafted data"?

By: jerjer (jerjer) 2003-09-14 22:09:44

Please contact me directly if you have any further info on this.
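
On the question of crafted data raised in the comments, a common defence is to bound-check any length field read from the socket before it drives a copy. The following is an added example, not the attached diff and not Asterisk's code; the frame layout (a 4-byte little-endian length prefix followed by the payload), `MAX_PAYLOAD`, and `parse_frame` are assumptions, since the page does not show the Skinny wire format.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed framing (not taken from the page): 4-byte little-endian payload
 * length, then the payload. MAX_PAYLOAD is a hypothetical protocol limit. */
#define HDR_LEN     4u
#define MAX_PAYLOAD 1000u

enum frame_status { FRAME_OK = 0, FRAME_NEED_MORE = 1, FRAME_REJECT = -1 };

struct frame {
    uint32_t len;                     /* validated payload length */
    uint8_t  payload[MAX_PAYLOAD];    /* fixed buffer, never overrun */
};

/* Decode the length byte by byte: no unaligned access, no host-endian cast. */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Parse one frame from the `avail` bytes received so far on the socket.
 * On FRAME_OK, *consumed is the number of bytes to drop from the buffer.
 * On FRAME_REJECT the caller should close the connection. */
enum frame_status parse_frame(const uint8_t *buf, size_t avail,
                              struct frame *out, size_t *consumed)
{
    uint32_t len;

    if (avail < HDR_LEN)
        return FRAME_NEED_MORE;       /* header not complete yet */

    len = read_le32(buf);
    if (len == 0 || len > MAX_PAYLOAD)
        return FRAME_REJECT;          /* checked before any copy or allocation */

    if (avail - HDR_LEN < len)        /* safe: avail >= HDR_LEN here */
        return FRAME_NEED_MORE;       /* wait for the rest of the payload */

    memcpy(out->payload, buf + HDR_LEN, len);
    out->len = len;
    *consumed = HDR_LEN + (size_t)len;
    return FRAME_OK;
}
```

With this layout, a few typed characters decode to a length far above `MAX_PAYLOAD` and are rejected before any copy takes place.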