Asterisk libcURL HTTP Request Injection (AST-2015-002)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

A telephony application running on the remote host is affected by an
HTTP request injection vulnerability.

Description :

According to its SIP banner, the version of Asterisk running on the
remote host is potentially affected by an HTTP request injection
vulnerability due to a flaw within the included libcURL library in the
'parseurlandfillconn' function when handling line feeds and carriage
returns. A remote attacker, using a specially crafted request, could
exploit this to inject unauthorized HTTP requests containing malicious
data or request headers.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.

See also :

http://downloads.asterisk.org/pub/security/AST-2015-002.html
https://issues.asterisk.org/jira/browse/ASTERISK-24676

Solution :

Upgrade to Asterisk 1.8.32.2 / 11.15.1 / 12.8.1 / 13.1.1 /
1.8.28-cert4 / 11.6-cert10, or apply the appropriate patch listed in
the Asterisk advisory.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 81257 ()

Bugtraq ID: 71964

CVE ID: CVE-2014-8150

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now