SIP Script Remote Command Execution via Shellshock
Critical Nessus Plugin ID 78822
SynopsisThe remote SIP server uses scripts that allow remote command execution via Shellshock.
DescriptionThe remote host appears to be running SIP. SIP itself is not vulnerable to Shellshock; however, any Bash script that SIP runs for filtering or other routing tasks could potentially be affected if the script exports an environmental variable from the content or headers of a SIP message.
A negative result from this plugin does not prove conclusively that the remote system is not affected by Shellshock, only that any scripts the SIP proxy may be running do not create the conditions that are exploitable via the Shellshock flaw.
SolutionApply the referenced Bash patch or remove the affected SIP scripts / modules.