[VIM] Asterisk / Core-ST discrepancy in vuln severity

Steven M. Christey coley at mitre.org
Mon Jun 12 19:46:36 EDT 2006

I don't feel like commenting more publicly, but for those who like to
keep track of such things:

  BUGTRAQ:20060609 CORE-2006-0330: Asterisk PBX truncated video frame vulnerability

  "A vulnerability found in the Asterisk's handling of IAX2 video
  frames could lead to remote compromise... The memcpy() at [E] will
  receive a pointer to memory outside of the packet read from the
  network as second argument and a negative value as third argument
  resulting in an exploitable buffer overflow condition"

But the vendor fix (correlated by CORE-ST by mentioning CVE-2006-2898)


  "The vulnerability ... can lead to denial of service attacks and
  random Asterisk server crashes via a relatively trivial exploit."

So - is there one vuln or two?  If two - then we don't know for sure
whether the vendor fixed the Core-ST issue or not.  If one - then the
vendor apparently disagrees with a reliable, prominent researcher on
whether an issue is exploitable or not.

- Steve

More information about the VIM mailing list