Condorlab

Asterisk – Bug in chan_sip allows access without prior authentication.


Advisory ID

RSN-SIP-1557


Vulnerability Information

The bug affects Asterisk Open Source 11.X, 13.X and 14.X and Certified Asterisk 13.8 when they use chan_sip, and allows remote access without authentication.


Release Date

2016-12-12 00:00:00


Chan_sip is a channel driver that has provided SIP functionality in Asterisk-based devices (and likely others) for years. A channel driver is what allows your device or software to communicate via some protocol (SIP, IAX, Skinny, etc.). Chan_sip was developed when SIP was fairly new, and prior to 2014, if you were communicating via SIP, it is extremely likely that some device in that conversation was running chan_sip.

Technical Information

This security flaw, identified as CVE-2016-9938, is triggered by a combination of valid and invalid recipient (To) headers: a remote user can supply specially crafted SIP header values to bypass authentication and deliver an INVITE request to the Asterisk system.
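A defensive check for the kind of crafted header described above, added here as an example and not taken from the Asterisk project or RedShift Networks. It flags SIP header lines in which anything other than spaces or horizontal tabs sits between the header name and the colon, the RFC 3261 rule that the linked AST-2016-009 advisory says chan_sip applied too loosely. The function name and both sample messages are constructed for illustration.

```python
import re

# RFC 3261: header-name is a "token"; only SP / HTAB may precede the colon.
_STRICT_HEADER = re.compile(rb"^[A-Za-z0-9\-.!%*_+`'~]+[ \t]*:")


def audit_sip_headers(raw: bytes) -> list[tuple[int, bytes, str]]:
    """Return (line_no, line, reason) for header lines a strict parser rejects."""
    head = raw.split(b"\r\n\r\n", 1)[0]          # headers only, no body
    findings = []
    for no, line in enumerate(head.split(b"\r\n")[1:], start=2):
        if not line or line[:1] in (b" ", b"\t"):  # folded continuation
            continue
        if _STRICT_HEADER.match(line):
            continue
        if b":" not in line:
            reason = "no colon in header line"
        else:
            name_part = line.split(b":", 1)[0]
            if any((b < 0x20 and b != 0x09) or b == 0x7F for b in name_part):
                reason = "control character between header name and colon"
            else:
                reason = "header name is not an RFC 3261 token"
        findings.append((no, line, reason))
    return findings


# Constructed sample messages (not captured traffic).
SAMPLE_OK = (
    b"INVITE sip:100@pbx.example.test SIP/2.0\r\n"
    b"To: <sip:100@pbx.example.test>\r\n"
    b"From : <sip:200@pbx.example.test>;tag=abc\r\n"   # SP before ':' is legal
    b"Call-ID: constructed-1\r\n"
    b"Contact: <sip:200@198.51.100.7>\r\n"
    b"\r\n"
)
SAMPLE_BAD = SAMPLE_OK.replace(b"Contact:", b"Contact\x01:")

if __name__ == "__main__":
    for label, msg in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        for no, line, reason in audit_sip_headers(msg):
            print(f"{label}: line {no}: {reason}: {line!r}")
```

Running the same check at the authenticating proxy and in front of Asterisk rejects messages that the two would otherwise parse differently.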


Solutions

The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VoIP networks, endpoints and applications. Its research team, Condor-Labs.com, is constantly looking for new attack patterns, advanced penetration testing methods and vulnerabilities, and continuously deploys new signatures to subscribed clients. For more information, visit www.redshiftnetworks.com


External Resources

Asterisk Project Security Advisory

http://downloads.asterisk.org/pub/security/AST-2016-009.html

Common Vulnerabilities and Exposures (CVE)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9938