Asterisk Multiple Vulnerabilities (AST-2011-005 / AST-2011-006)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The version of Asterisk installed on the remote host may be affected
by multiple denial of service vulnerabilities.

Description :

According to the version in its SIP banner, the version of Asterisk
running on the remote host may be affected by multiple denial of
service vulnerabilities :

- On systems that have the Asterisk Manager interface,
Skinny, SIP over TCP, or the built-in HTTP server
enabled, it is possible for an attacker to open an
unlimited number of connections to Asterisk, which would
cause Asterisk to run out of available file descriptors
and stop processing any new calls. (AST-2011-005)

- It is possible to bypass a security check and execute
shell commands when they should not have that ability.
Note that only users with the 'system' privilege should
be able to do this. (AST-2011-006)

See also :

http://downloads.asterisk.org/pub/security/AST-2011-005.html
http://downloads.asterisk.org/pub/security/AST-2011-006.html

Solution :

Upgrade to Asterisk 1.4.40.1 / 1.6.1.25 / 1.6.2.17.3 / 1.8.3.3 /
Business Edition C.3.6.4 or later.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 53544 ()

Bugtraq ID: 47537

CVE ID: CVE-2011-1507
CVE-2011-1599