[VIM] Asterisk / Core-ST discrepancy in vuln severity
Steven M. Christey
coley at mitre.org
Mon Jun 12 19:46:36 EDT 2006
I don't feel like commenting more publicly, but for those who like to
keep track of such things:
BUGTRAQ:20060609 CORE-2006-0330: Asterisk PBX truncated video frame vulnerability
URL:http://www.securityfocus.com/archive/1/archive/1/436671/100/0/threaded
"A vulnerability found in the Asterisk's handling of IAX2 video
frames could lead to remote compromise... The memcpy() at [E] will
receive a pointer to memory outside of the packet read from the
network as second argument and a negative value as third argument
resulting in an exploitable buffer overflow condition"
But the vendor fix (correlated by CORE-ST by mentioning CVE-2006-2898)
says:
http://www.asterisk.org/node/95
"The vulnerability ... can lead to denial of service attacks and
random Asterisk server crashes via a relatively trivial exploit."
So - is there one vuln or two? If two - then we don't know for sure
whether the vendor fixed the Core-ST issue or not. If one - then the
vendor apparently disagrees with a reliable, prominent researcher on
whether an issue is exploitable or not.
- Steve
More information about the VIM
mailing list