Condorlab

PJSIP – Bug in PJSIP allows generating malformed packets and producing a Denial of Service


Advisory IDRSN-SIP-1565


Vulnerability Information

 

A bug in the PJSIP library allows sending a SIP packet to Asterisk with a CSeq header specially designed in Asterisk Open Source 11.X, 13.X, 14.X and Certified Asterisk 13.13 to cause a DoS by an attacker remotely


Release Date

2017-06-02 00:00:00


PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. It combines signaling protocol (SIP) with rich multimedia framework and NAT traversal functionality into high level API that is portable and suitable for almost any type of systems ranging from desktops, embedded systems, to mobile handsets.


Technical Information

 

The problem lies in the PJSIP transaction key generation algorithm that does not allocate a sufficiently large buffer. When the buffer is exceeded, the memory allocation table is damaged, leading to an eventual block (DoS). For this failure, the CVE-2017-9372 has been assigned.


Solutions

 

The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VOIP networks, endpoints and applications. His research team Condor-Labs.com is constantly looking for new attack patterns, advanced penetration testing methods, vulnerability identification and deployment of new signatures for constantly subscribed clients. For more information visit www.redshiftnetworks.com


External Resources

 

Asterisk Project Security Advisory

http://downloads.asterisk.org/pub/security/AST-2017-002.txt

Common Vulnerabilities and Exposures (CVE)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9372