SIP Script Remote Command Execution via Shellshock

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote SIP server uses scripts that allow remote command execution
via Shellshock.

Description :

The remote host appears to be running SIP. SIP itself is not
vulnerable to Shellshock; however, any Bash script that SIP runs for
filtering or other routing tasks could potentially be affected if the
script exports an environmental variable from the content or headers
of a SIP message.

A negative result from this plugin does not prove conclusively that
the remote system is not affected by Shellshock, only that any scripts
the SIP proxy may be running do not create the conditions that are
exploitable via the Shellshock flaw.

See also :

http://seclists.org/oss-sec/2014/q3/650
http://www.nessus.org/u?dacf7829
https://www.invisiblethreat.ca/post/shellshock/

Solution :

Apply the referenced Bash patch or remove the affected SIP scripts /
modules.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: General

Nessus Plugin ID: 78822 ()

Bugtraq ID: 70103

CVE ID: CVE-2014-6271

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now