what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Asterisk Project Security Advisory - AST-2014-017

Asterisk Project Security Advisory - AST-2014-017
Posted Nov 21, 2014
Authored by Kevin Harwell, Gareth Palmer | Site asterisk.org

Asterisk Project Security Advisory - The CONFBRIDGE dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation. Also, the AMI action "ConfbridgeStartRecord" could also be used to execute arbitrary system commands without first checking for system access.

tags | advisory, arbitrary, protocol
SHA-256 | eebc8eabd10dc9e3b8bc9523e239a9374c0d69bf823e68db757ae0b2b1368d33

Asterisk Project Security Advisory - AST-2014-017

Change Mirror Download
               Asterisk Project Security Advisory - AST-2014-017

Product Asterisk
Summary Permission escalation through ConfBridge
actions/dialplan functions
Nature of Advisory Permission Escalation
Susceptibility Remote Authenticated Sessions
Severity Minor
Exploits Known No
Reported On November 4, 2014
Reported By Gareth Palmer
Posted On 20 November, 2014
Last Updated On November 20, 2014
Advisory Contact Kevin Harwell <kharwell AT digium DOT com>
CVE Name Pending

Description The CONFBRIDGE dialplan function when executed from an
external protocol (for instance AMI), could result in a
privilege escalation. Also, the AMI action
"ConfbridgeStartRecord" could also be used to execute
arbitrary system commands without first checking for system
access.

Resolution Asterisk now inhibits the CONFBRIDGE function from being
executed from an external interface if the live_dangerously
option is set to no. Also, the "ConfbridgeStartRecord" AMI
action is now only allowed to execute under a user with
system level access.

Affected Versions
Product Release
Series
Asterisk Open Source 11.x All versions
Asterisk Open Source 12.x All versions
Asterisk Open Source 13.x All versions
Certified Asterisk 11.6 All versions

Corrected In
Product Release
Asterisk Open Source 11.14.1, 12.7.1, 13.0.1
Certified Asterisk 11.6-cert8

Patches
SVN URL Revision
http://downloads.asterisk.org/pub/security/AST-2014-017-11.diff Asterisk
11
http://downloads.asterisk.org/pub/security/AST-2014-017-12.diff Asterisk
12
http://downloads.asterisk.org/pub/security/AST-2014-017-13.diff Asterisk
13
http://downloads.asterisk.org/pub/security/AST-2014-017-11.6.diff Certified
Asterisk
11.6

Links https://issues.asterisk.org/jira/browse/ASTERISK-24490

Asterisk Project Security Advisories are posted at
http://www.asterisk.org/security

This document may be superseded by later versions; if so, the latest
version will be posted at
http://downloads.digium.com/pub/security/AST-2014-017.pdf and
http://downloads.digium.com/pub/security/AST-2014-017.html

Revision History
Date Editor Revisions Made
November 18, 2014 Kevin Harwell Initial advisory created

Asterisk Project Security Advisory - AST-2014-017
Copyright (c) 2014 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.



Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    38 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close