ID

VAR-201911-1367


CVE

CVE-2019-18976


TITLE

NULL pointer dereference vulnerability in Sangoma Asterisk and Certified Asterisk

Trust: 0.8

sources: JVNDB: JVNDB-2019-012748

DESCRIPTION

An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If Asterisk receives a re-invite initiating T.38 faxing whose SDP has a port of 0 and no c line, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. This vulnerability is distinct from CVE-2019-18940. It may cause a denial-of-service (DoS) condition. Sangoma Technologies Asterisk is open source private branch exchange (PBX) software. The software supports voicemail, multi-party voice conferencing, interactive voice response (IVR), and more. The vulnerability stems from improper design or implementation during the development of a network system or product. An attacker could use this vulnerability to execute malicious code.

Asterisk Project Security Advisory

Product: Asterisk
Summary: Re-invite with T.38 and malformed SDP causes crash.
Nature of Advisory: Remote Crash
Susceptibility: Remote Authenticated Sessions
Severity: Minor
Exploits Known: No
Reported On: November 07, 2019
Reported By: Salah Ahmed
Posted On: November 21, 2019
Last Updated On: November 21, 2019
Advisory Contact: bford AT sangoma DOT com
CVE Name: CVE-2019-18976

Description: If Asterisk receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a crash will occur.

Modules Affected: res_pjsip_t38.c

Resolution: If T.38 faxing is not needed, then the "t38_udptl" configuration option in pjsip.conf can be set to "no" to disable the functionality. This option defaults to "no" and would have to be manually turned on to experience this crash. If T.38 faxing is needed, then Asterisk should be upgraded to a fixed version.

Affected Versions
Product | Release Series
Asterisk Open Source | 13.x (All versions)
Certified Asterisk | 13.21 (All versions)

Corrected In
Product | Release
Asterisk Open Source | 13.29.2
Certified Asterisk | 13.21-cert5

Patches
SVN URL | Revision
http://downloads.asterisk.org/pub/security/AST-2019-008-13.diff | Asterisk 13
http://downloads.asterisk.org/pub/security/AST-2019-008-13.21.diff | Certified Asterisk 13.21-cert5

Links: https://issues.asterisk.org/jira/browse/ASTERISK-28612

Asterisk Project Security Advisories are posted at http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/.pdf and http://downloads.digium.com/pub/security/.html

Revision History
Date | Editor | Revisions Made
November 12, 2019 | Ben Ford | Initial Revision
November 21, 2019 | Ben Ford | Added "Posted On" date

Asterisk Project Security Advisory - Copyright © 2019 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form

Trust: 2.25

sources: NVD: CVE-2019-18976 // JVNDB: JVNDB-2019-012748 // CNVD: CNVD-2020-01312 // PACKETSTORM: 155436

IOT TAXONOMY

category: IoT, sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-01312

AFFECTED PRODUCTS

vendor: digium, model: certified asterisk, scope: eq, version: 13.21

Trust: 1.0

vendor: digium, model: asterisk, scope: gte, version: 13.0.0

Trust: 1.0

vendor: debian, model: linux, scope: eq, version: 9.0

Trust: 1.0

vendor: digium, model: asterisk, scope: lte, version: 13.29.1

Trust: 1.0

vendor: digium, model: asterisk, scope: lte, version: 13.x

Trust: 0.8

vendor: digium, model: certified asterisk, scope: lte, version: 13.21-x

Trust: 0.8

vendor: sangoma, model: asterisk, scope: lte, version: <=13.*

Trust: 0.6

vendor: sangoma, model: certified asterisk, scope: lte, version: <=13.21-*

Trust: 0.6

sources: CNVD: CNVD-2020-01312 // JVNDB: JVNDB-2019-012748 // NVD: CVE-2019-18976

CVSS

SEVERITY

nvd@nist.gov: CVE-2019-18976
value: HIGH

Trust: 1.0

NVD: CVE-2019-18976
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-01312
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201911-1292
value: HIGH

Trust: 0.6

CVSSV2

nvd@nist.gov: CVE-2019-18976
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2020-01312
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CVSSV3

nvd@nist.gov: CVE-2019-18976
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-18976
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-01312 // JVNDB: JVNDB-2019-012748 // CNNVD: CNNVD-201911-1292 // NVD: CVE-2019-18976

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.8

sources: JVNDB: JVNDB-2019-012748 // NVD: CVE-2019-18976

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-1292

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201911-1292

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012748

PATCH

title: AST-2019-008, url: http://downloads.asterisk.org/pub/security/AST-2019-008.html

Trust: 0.8

title: Security Advisories, url: https://www.asterisk.org/downloads/security-advisories

Trust: 0.8

title: Patch for Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk Code Issue Vulnerability, url: https://www.cnvd.org.cn/patchInfo/show/196675

Trust: 0.6

title: Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk fixes for code issue vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=104688

Trust: 0.6

sources: CNVD: CNVD-2020-01312 // JVNDB: JVNDB-2019-012748 // CNNVD: CNNVD-201911-1292

EXTERNAL IDS

db: NVD, id: CVE-2019-18976

Trust: 3.1

db: PACKETSTORM, id: 155436

Trust: 1.7

db: CS-HELP, id: SB2019112218

Trust: 1.6

db: JVNDB, id: JVNDB-2019-012748

Trust: 0.8

db: CNVD, id: CNVD-2020-01312

Trust: 0.6

db: AUSCERT, id: ESB-2019.4421

Trust: 0.6

db: CNNVD, id: CNNVD-201911-1292

Trust: 0.6

sources: CNVD: CNVD-2020-01312 // JVNDB: JVNDB-2019-012748 // PACKETSTORM: 155436 // CNNVD: CNNVD-201911-1292 // NVD: CVE-2019-18976

REFERENCES

url:https://seclists.org/fulldisclosure/2019/nov/20

Trust: 2.2

url:http://downloads.asterisk.org/pub/security/ast-2019-008.html

Trust: 2.2

url:https://packetstormsecurity.com/files/155436/asterisk-project-security-advisory-ast-2019-008.html

Trust: 2.2

url:https://www.cybersecurity-help.cz/vdb/sb2019112218?affchecked=1

Trust: 1.6

url:https://www.asterisk.org/downloads/security-advisories

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-18976

Trust: 1.5

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-18976

Trust: 0.8

url:http://downloads.asterisk.org/pub/security/ast-2019-007.html

Trust: 0.6

url:http://downloads.asterisk.org/pub/security/ast-2019-006.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/asterisk-denial-of-service-via-t-38-sdp-re-invite-30937

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4421/

Trust: 0.6

url:http://downloads.asterisk.org/pub/security/ast-2019-008-13.diff

Trust: 0.1

url:https://issues.asterisk.org/jira/browse/asterisk-28612

Trust: 0.1

url:http://downloads.digium.com/pub/security/.pdf

Trust: 0.1

url:http://www.asterisk.org/security

Trust: 0.1

url:http://downloads.digium.com/pub/security/.html

Trust: 0.1

url:http://downloads.asterisk.org/pub/security/ast-2019-008-13.21.diff

Trust: 0.1

sources: CNVD: CNVD-2020-01312 // JVNDB: JVNDB-2019-012748 // PACKETSTORM: 155436 // CNNVD: CNNVD-201911-1292 // NVD: CVE-2019-18976

CREDITS

bford

Trust: 0.6

sources: CNNVD: CNNVD-201911-1292

SOURCES

db: CNVD, id: CNVD-2020-01312
db: JVNDB, id: JVNDB-2019-012748
db: PACKETSTORM, id: 155436
db: CNNVD, id: CNNVD-201911-1292
db: NVD, id: CVE-2019-18976

LAST UPDATE DATE

2024-11-23T21:52:07.503000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2020-01312, date: 2020-01-10T00:00:00
db: JVNDB, id: JVNDB-2019-012748, date: 2019-12-12T00:00:00
db: CNNVD, id: CNNVD-201911-1292, date: 2022-04-06T00:00:00
db: NVD, id: CVE-2019-18976, date: 2024-11-21T04:33:55.320

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2020-01312, date: 2020-01-10T00:00:00
db: JVNDB, id: JVNDB-2019-012748, date: 2019-12-12T00:00:00
db: PACKETSTORM, id: 155436, date: 2019-11-21T23:55:55
db: CNNVD, id: CNNVD-201911-1292, date: 2019-11-21T00:00:00
db: NVD, id: CVE-2019-18976, date: 2019-11-22T17:15:11.833