Digium.Asterisk.HTTP.Digest.Authentication.Buffer.Overflow
Description
This indicates an attack attempt against a Buffer Overflow vulnerability in Digium Asterisk.
The vulnerability is caused by a bounds-checking error in the handling of HTTP Digest Authentication headers by the ast_parse_digest() function, which is used by the Asterisk management interface. A successful attack may allow an attacker to execute arbitrary code on the vulnerable system.
Affected Products
Digium Asterisk Open Source 1.8.x prior to 1.8.10.1
Digium Asterisk Open Source 10.x prior to 10.2.1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply updates or fixes, available from the website:
http://downloads.asterisk.org/pub/security/AST-2012-003.html
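To decide which hosts need the update, the affected-version list above can be turned into a check. This is an added example, not part of the original advisory or of Asterisk; it assumes the version string comes from something like `asterisk -V`, the sample strings are constructed, and the "review" result for pre-release builds is this example's own conservative choice.

```python
import re

# First fixed release per branch, from the "Affected Products" list on this page.
FIXED = {"1.8": (1, 8, 10, 1), "10": (10, 2, 1)}

def parse_version(text):
    """Return (numeric tuple, is_prerelease) from e.g. 'Asterisk 1.8.9.3' or '10.2.1-rc1'."""
    m = re.search(r"(\d+(?:\.\d+)+)(\S*)", text)
    if not m:
        raise ValueError(f"no dotted version found in {text!r}")
    numbers = tuple(int(p) for p in m.group(1).split("."))
    prerelease = bool(re.search(r"rc|beta|alpha", m.group(2), re.I))
    return numbers, prerelease

def status(text):
    """Classify a version string as 'affected', 'fixed', 'review' or 'not-listed'."""
    v, prerelease = parse_version(text)
    if v[:2] == (1, 8):
        fixed = FIXED["1.8"]
    elif v[0] == 10:
        fixed = FIXED["10"]
    else:
        return "not-listed"  # branch is not covered by this page's list
    # Pad with zeros so that 1.8.10 is compared as 1.8.10.0.
    width = max(len(v), len(fixed))
    v_padded = v + (0,) * (width - len(v))
    fixed_padded = fixed + (0,) * (width - len(fixed))
    if v_padded < fixed_padded:
        return "affected"
    # A pre-release tag on a fixed version number may predate the fix (assumption).
    return "review" if prerelease else "fixed"

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for line in ["Asterisk 1.8.9.3", "Asterisk 1.8.10", "Asterisk 1.8.10.1",
                 "Asterisk 10.2.0", "Asterisk 10.2.1-rc1", "Asterisk 11.5.0"]:
        print(f"{line:24} {status(line)}")
```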
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-04-24 | 27.774 | Sig Added |