[VOIPSEC] AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage

Asterisk Security Team security at asterisk.org
Fri Aug 24 23:27:26 BST 2007


              Asterisk Project Security Advisory - AST-2007-021

   +------------------------------------------------------------------------+
   |      Product       | Asterisk                                          |
   |--------------------+---------------------------------------------------|
   |      Summary       | Crash from invalid/corrupted MIME bodies when     |
   |                    | using voicemail with IMAP storage                 |
   |--------------------+---------------------------------------------------|
   | Nature of Advisory | Crash                                             |
   |--------------------+---------------------------------------------------|
   |   Susceptibility   | Remote Unauthenticated Sessions                   |
   |--------------------+---------------------------------------------------|
   |      Severity      | minor                                             |
   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |    Reported On     | August 23, 2007                                   |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Kevin Stewart                                     |
   |--------------------+---------------------------------------------------|
   |     Posted On      | August 24, 2007                                   |
   |--------------------+---------------------------------------------------|
   |  Last Updated On   | August 24, 2007                                   |
   |--------------------+---------------------------------------------------|
   |  Advisory Contact  | Mark Michelson <mmichelson at digium.com>            |
   |--------------------+---------------------------------------------------|
   |      CVE Name      |CVE-2007-4521                                      |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Description | If Asterisk is configured to use IMAP as its backend     |
   |             | storage for voicemail, then an e-mail sent to a user     |
   |             | with an invalid/corrupted MIME body will cause Asterisk  |
   |             | to crash when the user listens to their voicemail using  |
   |             | the phone.                                               |
   |             |                                                          |
   |             | This does not affect any other voicemail storage option, |
   |             | nor does it affect users who check their voicemail via   |
   |             | e-mail when using IMAP storage.                          |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Resolution | Since this is a minor issue, a new release is not         |
   |            | immediately planned. However, the issue will be fixed in  |
   |            | Asterisk Open Source version 1.4.12 when it is released.  |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                           Affected Versions                            |
   |------------------------------------------------------------------------|
   |            Product             |   Release   |                         |
   |                                |   Series    |                         |
   |--------------------------------+-------------+-------------------------|
   |      Asterisk Open Source      |    1.0.x    | Not Affected            |
   |--------------------------------+-------------+-------------------------|
   |      Asterisk Open Source      |    1.2.x    | Not Affected            |
   |--------------------------------+-------------+-------------------------|
   |      Asterisk Open Source      |    1.4.x    | Versions 1.4.5 - 1.4.11 |
   |--------------------------------+-------------+-------------------------|
   |   Asterisk Business Edition    |    A.x.x    | Not Affected            |
   |--------------------------------+-------------+-------------------------|
   |   Asterisk Business Edition    |    B.x.x    | Not Affected            |
   |--------------------------------+-------------+-------------------------|
   |          AsteriskNOW           | pre-release | Not Affected            |
   |--------------------------------+-------------+-------------------------|
   |  Asterisk Appliance Developer  |    0.x.x    | Not Affected            |
   |              Kit               |             |                         |
   |--------------------------------+-------------+-------------------------|
   |   s800i (Asterisk Appliance)   |    1.0.x    | Not Affectted           |
   +------------------------------------------------------------------------+

+-----------------------------------------------------------------------------------+
|                                   Corrected In                                    |
|-----------------------------------------------------------------------------------|
|Product |                                 Release                                  |
|--------+--------------------------------------------------------------------------|
|Asterisk|             1.4.12 (not released), patch can be found here:              |
|  Open  |http://lists.digium.com/pipermail/asterisk-commits/2007-August/015743.html|
| Source |                                                                          |
|--------+--------------------------------------------------------------------------|
|--------+--------------------------------------------------------------------------|
+-----------------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |      Links       | http://bugs.digium.com/view.php?id=10544            |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   | Asterisk Project Security Advisories are posted at                     |
   | http://www.asterisk.org/security.                                      |
   |                                                                        |
   | This document may be superseded by later versions; if so, the latest   |
   | version will be posted at                                              |
   | http://downloads.digium.com/pub/asa/AST-2007-021.pdf and               |
   | http://downloads.digium.com/pub/asa/AST-2007-021.html.                 |
   +------------------------------------------------------------------------+

   +------------------------------------------------------------------------+
   |                            Revision History                            |
   |------------------------------------------------------------------------|
   |         Date         |       Editor        |      Revisions Made       |
   |----------------------+---------------------+---------------------------|
   | August 24, 2007      | Mark Michelson      | Initial Release           |
   +------------------------------------------------------------------------+

               Asterisk Project Security Advisory - AST-2007-021
              Copyright (c) 2007 Digium, Inc. All Rights Reserved.
  Permission is hereby granted to distribute and publish this advisory in its
                           original, unaltered form.





More information about the Voipsec mailing list