Condorlab

Asterisk – Stack consumption Vulnerability in the res_http_websocket.so module of Asterisk


Advisory ID: RSN-SIP-1625

Vulnerability Information

There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket.
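To check an installed version against the affected ranges listed above, the following added example (not part of the original advisory or of Asterisk) parses a version string, such as the one printed by `asterisk -V`, and compares it to those ranges. The function names and the `certified/` prefix form of Certified Asterisk version strings are assumptions.

```python
import re

# Version string shapes handled here (assumed forms, see lead-in):
#   standard:  13.23.0            certified: 13.21-cert2 or certified/13.21-cert2
_STANDARD = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")
_CERTIFIED = re.compile(r"^(?:certified/)?(\d+)\.(\d+)(?:\.(\d+))?-cert(\d+)$")


def parse_version(text):
    """Return ("standard" | "certified", tuple_of_ints) or raise ValueError.

    Accepts a bare version or the "Asterisk <version>" form. Pre-release
    suffixes such as -rc1 are rejected rather than guessed at.
    """
    parts = text.strip().split()
    token = parts[-1] if parts else ""
    m = _CERTIFIED.match(token)
    if m:
        return "certified", tuple(int(x or 0) for x in m.groups())
    m = _STANDARD.match(token)
    if m:
        return "standard", tuple(int(x) for x in m.groups())
    raise ValueError(f"unrecognised Asterisk version: {text!r}")


def is_affected(text):
    """True if the version falls inside a range listed in this advisory."""
    kind, v = parse_version(text)
    if kind == "certified":
        return v <= (13, 21, 0, 2)        # Certified Asterisk through 13.21-cert2
    major, minor, _ = v
    if major <= 13:
        return v <= (13, 23, 0)           # Asterisk through 13.23.0
    if major == 14:
        # Only the 14.7 branch is listed; other 14.x branches are not named.
        return minor == 7 and v <= (14, 7, 7)
    if major == 15:
        return v <= (15, 6, 0)            # 15.x through 15.6.0
    return False                          # later branches are not listed


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for line in ["Asterisk 13.23.0", "Asterisk 15.6.1", "Asterisk certified/13.21-cert2"]:
        print(line, "->", "affected" if is_affected(line) else "not listed as affected")
```
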

Technical Information

The vulnerability allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket.

Solutions

The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VoIP networks, endpoints and applications. Its research team, Condor-Labs.com, constantly looks for new attack patterns, advanced penetration testing methods and vulnerability identification, and deploys new signatures for subscribed clients. For more information, visit www.redshiftnetworks.com.

External Resources

http://www.securityfocus.com/bid/105389
https://seclists.org/bugtraq/2018/Sep/53
http://downloads.asterisk.org/pub/security/AST-2018-009.html
https://issues.asterisk.org/jira/browse/ASTERISK-28013
http://www.securitytracker.com/id/1041694

Common Vulnerabilities and Exposures (CVE)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17281