Asterisk libcURL HTTP Request Injection (AST-2015-002)
Medium Nessus Plugin ID 81257
SynopsisA telephony application running on the remote host is affected by an HTTP request injection vulnerability.
DescriptionAccording to its SIP banner, the version of Asterisk running on the remote host is potentially affected by an HTTP request injection vulnerability due to a flaw within the included libcURL library in the 'parseurlandfillconn' function when handling line feeds and carriage returns. A remote attacker, using a specially crafted request, could exploit this to inject unauthorized HTTP requests containing malicious data or request headers.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Asterisk 220.127.116.11 / 11.15.1 / 12.8.1 / 13.1.1 / 1.8.28-cert4 / 11.6-cert10, or apply the appropriate patch listed in the Asterisk advisory.