| Short Name | APP:DIGIUM-ASTERISK-MGR-CMDEXEC |
| Severity | Major |
| Recommended | No |
| Recommended Action | Drop |
| Category | APP |
| Keywords | Digium Asterisk Manager User Shell Command Execution |
| Release Date | 2013/01/07 |
| Update Number | 2222 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Digium Asterisk Manager User Shell Command Execution
This signature detects attempts to exploit a known vulnerability against Digium Asterisk. A successful attack can lead to arbitrary script code execution within the context of the vulnerable application.
Extended Description
Asterisk is prone to a security-bypass vulnerability that affects the manager interface.
An attacker can exploit this issue to bypass certain security restrictions and execute shell commands within the context of the affected application.
Affected Products
- Asterisk asterisk 10.0
- Asterisk asterisk 10.0.0
- Asterisk asterisk 10.0.1
- Asterisk asterisk 10.2.0
- Asterisk asterisk 10.2.1
- Asterisk asterisk 10.3.0
- Asterisk asterisk 1.6.2
- Asterisk asterisk 1.6.2.15.1
- Asterisk asterisk 1.6.2.16.1
- Asterisk asterisk 1.6.2.16.2
- Asterisk asterisk 1.6.2.17.1
- Asterisk asterisk 1.6.2.17.3
- Asterisk asterisk 1.6.2.18.1
- Asterisk asterisk 1.6.2.18.2
- Asterisk asterisk 1.6.2.2
- Asterisk asterisk 1.6.2.20
- Asterisk asterisk 1.6.2.21
- Asterisk asterisk 1.6.2.22
- Asterisk asterisk 1.6.2.23
- Asterisk asterisk 1.6.2.5
- Asterisk asterisk 1.8
- Asterisk asterisk 1.8.0
- Asterisk asterisk 1.8.1
- Asterisk asterisk 1.8.10.0
- Asterisk asterisk 1.8.10.1
- Asterisk asterisk 1.8.11.0
- Asterisk asterisk 1.8.1.2
- Asterisk asterisk 1.8.2.1
- Asterisk asterisk 1.8.2.4
- Asterisk asterisk 1.8.3.1
- Asterisk asterisk 1.8.3.3
- Asterisk asterisk 1.8.4.1
- Asterisk asterisk 1.8.4 2
- Asterisk asterisk 1.8.4.3
- Asterisk asterisk 1.8.4.4
- Asterisk asterisk 1.8.7.1
- Asterisk asterisk 1.8.7.2
- Asterisk asterisk 1.8.8.2
- Asterisk asterisk_business_edition C.3.1.0
- Asterisk asterisk_business_edition C.3.1 1
- Asterisk asterisk_business_edition C.3.2 2
- Asterisk asterisk_business_edition C.3.2 3
- Asterisk asterisk_business_edition C.3.3.2
- Asterisk asterisk_business_edition C.3.6.2
- Asterisk asterisk_business_edition C.3.6.3
- Asterisk asterisk_business_edition C.3.6.4
- Asterisk asterisk_business_edition C.3.7.3
- Debian linux 6.0 amd64
- Debian linux 6.0 arm
- Debian linux 6.0 ia-32
- Debian linux 6.0 ia-64
- Debian linux 6.0 mips
- Debian linux 6.0 powerpc
- Debian linux 6.0 s/390
- Debian linux 6.0 sparc
- Gentoo linux
- Red_hat fedora 15
- Red_hat fedora 16
- Red_hat fedora 17
References