Summary: ASTERISK-05549: SIP attack through Max-Forwards
Reporter: a (cyberdjheffer)
Labels:
Date Opened: 2005-11-10 05:37:47.000-0600
Date Closed: 2005-11-10 20:29:17.000-0600
Priority: Major
Regression? No
Status: Closed/Complete
Components: Core/General
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments:
Description: http://www.ietf.org/internet-drafts/draft-lawrence-maxforward-problems-00.txt

    Asterisk should be evaluated to see if it is vulnerable to this kind of attack or capable of generating it.
Comments:
By: Kevin P. Fleming (kpfleming) 2005-11-10 20:29:02.000-0600

Asterisk cannot be used to perpetrate this sort of attack, since it does not accept multiple registrations for the same AOR. Asterisk can be used to 'fork' multiple outbound requests if the dialplan requests it, but they are independent INVITEs, not forked as a proxy would do.

I can't say whether Asterisk is 'vulnerable'... if a proxy sends multiple requests to Asterisk it will try to respond to them. I doubt it's much of a concern though.

(In the future, please post questions of this type to the mailing lists, not in our bug tracker)