Vigil@nce - Asterisk: privilege escalation via AMI
January 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker who can reach the AMI interface of Asterisk can use it to
execute a shell command or to create a file.
Impacted products: Asterisk Open Source
Severity: 2/4
Creation date: 17/12/2013
DESCRIPTION OF THE VULNERABILITY
The Asterisk service offers an AMI interface (Asterisk Manager
Interface, TCP port 5038 by default), so an external program can
interact with the service.
Dialplan functions are reachable via AMI. For example:
- SHELL() : execute a command, with the privileges of the Asterisk
  process
- FILE() : create or write a file
However, if access to the AMI is not correctly authenticated and
authorized, an attacker who can connect to the interface can use these
functions to escalate his privileges to those of the Asterisk process.
An attacker can therefore use the AMI interface of Asterisk to execute
a shell command or to create a file.
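The practical check is whether manager.conf lets an untrusted client reach the AMI at all, and whether the users it defines hold write classes that reach shell or file-writing actions. The following audit script is an added example written for this bulletin; it is not Vigil@nce's or the Asterisk project's code. It assumes the standard manager.conf layout ([general] plus one section per AMI user with secret, deny, permit, read and write keys) and treats the "system", "command", "config" and "all" write classes as the dangerous set; both configuration texts embedded in it are constructed for the example, the first as a typical weak file and the second as its hardened form.

```python
"""Audit an Asterisk manager.conf for AMI settings that expose
privileged dialplan functions such as SHELL() and FILE().

Added example for this bulletin, not Asterisk project code.
Assumptions: standard manager.conf INI layout; the 'system',
'command', 'config' and 'all' write classes are the ones that reach
shell-level or file-writing manager actions.
"""
import configparser

# Assumption: write classes that reach shell commands or config/file writes.
DANGEROUS_WRITE = {"system", "command", "config", "all"}
LOOPBACK_PREFIXES = ("127.", "::1")

# Constructed: a weak manager.conf (AMI on all interfaces, one all-powerful user).
WEAK_CONF = """
[general]
enabled = yes
bindaddr = 0.0.0.0
port = 5038

[admin]
secret = admin
read = all
write = all
"""

# Constructed: the same file hardened (loopback only, source restricted,
# strong secret, least-privilege classes; no system/command/config/all).
HARDENED_CONF = """
[general]
enabled = yes
bindaddr = 127.0.0.1
port = 5038

[monitor]
secret = 7uG2vXqB3zN9kLp0wR4s
deny => 0.0.0.0/0.0.0.0
permit => 127.0.0.1/255.255.255.255
read = call,cdr,reporting
write = call,reporting
"""


def parse_manager_conf(text):
    """Parse Asterisk-style INI; Asterisk accepts both '=' and '=>'."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text.replace("=>", "="))
    return cp


def classes(value):
    """Split a read/write class list such as 'call,system' into a set."""
    return {c.strip().lower() for c in value.split(",") if c.strip()}


def audit_manager_conf(text):
    """Return a list of (section, finding) tuples; empty means nothing flagged."""
    cp = parse_manager_conf(text)
    findings = []
    general = cp["general"] if cp.has_section("general") else {}
    if general.get("enabled", "no").strip().lower() not in ("yes", "true", "1"):
        return findings  # AMI disabled: nothing is reachable
    bindaddr = general.get("bindaddr", "0.0.0.0").strip()
    if not bindaddr.startswith(LOOPBACK_PREFIXES):
        findings.append(("general", "AMI listens on %s, not loopback" % bindaddr))
    for name in cp.sections():
        if name == "general":
            continue
        user = cp[name]
        secret = user.get("secret", "").strip()
        if len(secret) < 12 or secret.lower() == name.lower():
            findings.append((name, "weak or missing secret"))
        if "permit" not in user and "deny" not in user:
            findings.append((name, "no deny/permit: any source address may log in"))
        bad = classes(user.get("write", "")) & DANGEROUS_WRITE
        if bad:
            findings.append((name, "write grants %s (reaches SHELL()/FILE()-class actions)"
                             % ",".join(sorted(bad))))
    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label + ":")
        for section, finding in audit_manager_conf(conf) or [("-", "no findings")]:
            print("  [%s] %s" % (section, finding))
```

Run it against a copy of the live file with `audit_manager_conf(open("/etc/asterisk/manager.conf").read())`. Even a clean result only covers the manager side: the "system" class is also what an AMI Originate needs to run a System application, so any user kept for call control should be reviewed for whether it really needs more than the "call" and "originate" classes.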
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Asterisk-privilege-escalation-via-AMI-13955