    AST-2013-002: Prevent denial of service in HTTP server · ccbe965e
    Matthew Jordan authored
    AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
    HTTP server for a remotely-triggered crash. While the fix put in place fixed
    the possibility for the crash to be triggered, a denial of service vector still
    exists with that solution if an attacker sends one or more HTTP POST requests
    with very large Content-Length values. This patch resolves this by capping
    the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
    Content-Length greater than this cap will not result in any memory allocation.
    The POST will be responded to with an HTTP 413 "Request Entity Too Large"
    response.
    
    This issue was reported by Christoph Hebeisen of TELUS Security Labs
    
    (closes issue ASTERISK-20967)
    Reported by: Christoph Hebeisen
    patches:
      AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
      AST-2013-002-10.diff uploaded by mmichelson (License 5049)
      AST-2013-002-11.diff uploaded by mmichelson (License 5049)
    
    
    git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383978 65c4cc65-6c06-0410-ace0-fbb531ad65f3
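The check the commit message describes, as an added example in C that is not Asterisk's own code: a hypothetical check_content_length() helper parses the Content-Length header value and decides, before any body buffer is allocated, whether the POST may proceed, a 413 is due, or the header is malformed. The cap macro, the enum and the helper name are assumptions made for this illustration.

```c
/* Added example (not Asterisk's code): enforce a Content-Length cap on
 * HTTP POST requests before any body buffer is allocated. */
#include <errno.h>
#include <stdlib.h>

#define MAX_POST_CONTENT_LENGTH 1024   /* cap stated in the commit message */

enum post_check {
    POST_OK = 200,           /* safe to allocate and read the body */
    POST_BAD_REQUEST = 400,  /* header missing or not a valid number */
    POST_TOO_LARGE = 413,    /* exceeds the cap: allocate nothing */
};

/* Parse a Content-Length header value and decide, without allocating,
 * whether a body of that size may be read. On POST_OK, *len holds the
 * accepted length. Hypothetical helper written for this example. */
enum post_check check_content_length(const char *value, size_t *len)
{
    char *end;
    long long n;

    if (!value || !*value) {
        return POST_BAD_REQUEST;
    }
    errno = 0;
    n = strtoll(value, &end, 10);   /* skips leading whitespace itself */
    if (errno == ERANGE) {
        /* A value too big for long long is certainly over the cap;
         * a negative overflow is simply invalid. */
        return n > 0 ? POST_TOO_LARGE : POST_BAD_REQUEST;
    }
    /* Allow optional trailing whitespace, reject anything else. */
    while (*end == ' ' || *end == '\t') {
        end++;
    }
    if (end == value || *end != '\0' || n < 0) {
        return POST_BAD_REQUEST;
    }
    if (n > MAX_POST_CONTENT_LENGTH) {
        return POST_TOO_LARGE;   /* respond 413, no malloc() for the body */
    }
    *len = (size_t)n;
    return POST_OK;
}
```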