Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26207
HistoryApr 26, 2011 - 12:00 a.m.

AST-2011-006: Asterisk Manager User Shell Access

2011-04-2600:00:00
vulners.com
8
JSON
           Asterisk Project Security Advisory - AST-2011-006

     Product        Asterisk                                              
     Summary        Asterisk Manager User Shell Access                    
Nature of Advisory  Permission Escalation                                 
  Susceptibility    Remote Authenticated Sessions                         
     Severity       Minor                                                 
  Exploits Known    Yes                                                   
   Reported On      February 10, 2011                                     
   Reported By      Mark Murawski <markm AT intellasoft DOT net>          
    Posted On       April 21, 2011                                        
 Last Updated On    April 21, 2011                                        
 Advisory Contact   Matthew Nicholson <[email protected]>             
     CVE Name

Description It is possible for a user of the Asterisk Manager Interface to
bypass a security check and execute shell commands when they
should not have that ability. Sending the "Async" header with
the "Application" header during an Originate action, allows
authenticated manager users to execute shell commands. Only
users with the "system" privilege should be able to do this.

Resolution Asterisk now performs the proper access check where appropriate
during the originate manager action.

                           Affected Versions
            Product              Release Series 
     Asterisk Open Source            1.4.x      All versions              
     Asterisk Open Source           1.6.1.x     All versions              
     Asterisk Open Source           1.6.2.x     All versions              
     Asterisk Open Source            1.8.x      All versions              
   Asterisk Business Edition         C.x.x      All versions              

                              Corrected In
          Product                               Release                   
    Asterisk Open Source        1.4.40.1, 1.6.1.25, 1.6.2.17.3, 1.8.3.3   
 Asterisk Business Edition                      C.3.6.4                   

                                Patches                            
                               URL                                 Branch

http://downloads.asterisk.org/pub/security/AST-2011-006-1.4.diff 1.4
http://downloads.asterisk.org/pub/security/AST-2011-006-1.6.1.diff 1.6.1
http://downloads.asterisk.org/pub/security/AST-2011-006-1.6.2.diff 1.6.2
http://downloads.asterisk.org/pub/security/AST-2011-006-1.8.diff 1.8

      Links

Asterisk Project Security Advisories are posted at
http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest
version will be posted at
http://downloads.digium.com/pub/security/AST-2011-006.pdf and
http://downloads.digium.com/pub/security/AST-2011-006.html

                            Revision History
      Date                 Editor                  Revisions Made

4/21/11 Matthew Nicholson Initial version

           Asterisk Project Security Advisory - AST-2011-006
          Copyright (c) 2011 Digium, Inc. All Rights Reserved.

Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.

JSON