Asterisk HTTP Manager Stack Buffer Overflow Vulnerability
Schweregrad:: Kritisch
Hinweisdatum: 21 Juli 2015
Beschreibung
An error in the "ast_parse_digest()" function (main/utils.c) when handling "HTTP Digest Authentication" information can be exploited to cause a stack-based buffer overflow via an overly long string.
Successful exploitation if this vulnerability may allow execution of arbitrary code.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1004959
Trend Micro Deep Security DPI Rule Name: 1004959 - Asterisk HTTP Manager Stack Buffer Overflow Vulnerability
Betroffene Software und Version:
- Asterisk