|Summary:||ASTERISK-00261: [patch] Random data on port 2000 will SEGV asterisk|
|Date Opened:||2003-09-12 15:17:24||Date Closed:||2004-09-25 02:52:04|
|Environment:||Attachments:||( 0) chan_skinny_fix-1.diff|
|Description:||Opening a connection to port 2000 while chan_skinny is enabled (by default now) will cause a SEGV if any random data is sent.|
****** STEPS TO REPRODUCE ******
telnet to port 2000 of an installation of asterisk with chan_skinny running, and just send a few random chars. Asterisk will then SEGV.
****** ADDITIONAL INFORMATION ******
Attached is a diff to at least stop any random data; carefully crafted data will probably still kill asterisk :/
There are a number of other bugs like this in chan_skinny, maybe disable it by default until all these sorts of bugs have been fixed, for security reasons? (btw - chan_sccp suffers from a similar problem right now, too :/).
|Comments:||By: jerjer (jerjer) 2003-09-13 18:44:05|
Merged into cvs. Thank you. I hadn't gotten around to bullet proofing the socket, as I'm not very skilled at socket programming.
Any suggestions on how to protect against that "carefully crafted data"?
By: jerjer (jerjer) 2003-09-14 22:09:44
Please contact me directly if you have any further info on this.