Asterisk HTTP Manager Stack Buffer Overflow Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

概要

An error in the "ast_parse_digest()" function (main/utils.c) when handling "HTTP Digest Authentication" information can be exploited to cause a stack-based buffer overflow via an overly long string. Successful exploitation if this vulnerability may allow execution of arbitrary code.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1004959

Trend Micro Deep Security DPI Rule Name: 1004959 - Asterisk HTTP Manager Stack Buffer Overflow Vulnerability

影響を受けるソフトウェア

Asterisk