
ALERT RTP stream security risk

Discussion in 'Bug Reporting and Fixes' started by atsak, Sep 1, 2017.

  1. ostridge

    ostridge Guru

    I applied the above on Raspbian, no errors, but when I did nano on /etc/iptables/rules.v4, nano couldn't find "-A INPUT -p udp -m multiport --dports 10000:20000 -j ACCEPT" (using Ctrl+W).

    Instead I found
    Code:
    -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
    but no #. Also no mention of multiport.

    Same thing in rules.v4.ubunto14.

    Shouldn't these code lines be included in the root logon updates utility?
     
  2. wardmundy

    wardmundy Nerd Uno

  3. merk

    merk Guru

    Can you please provide any guidance on how to apply the patch?

    I tried to search online but couldn't figure out how to apply the .diff file.

    Thanks in advance.
     
  4. Jose Pinto

    Jose Pinto Member

    Hi,
    I'm a little bit confused. I read this post on the Nerd Vittles Blog: "RTPbleed Security Alert: Asterisk Calls Can Be Intercepted", so out of curiosity I just started to look at iptables and I did not find the line: -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT. I found this line: -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT.
    After that I started to read this post. It seems to me that @wardmundy already fixed the problem with the new install of 13-13 (I made mine 13-13 last November), so I do not need to take any action, right?
    TIA
     
    #24 Jose Pinto, Jan 4, 2018
    Last edited: Jan 4, 2018
  5. wardmundy

    wardmundy Nerd Uno

    Correct. It's been addressed.
     
