Posted: Wed Oct 17, 2007 12:23 am Post subject: [asterisk-announce] AST-2007-023: SQL Injection vulnerabilit
Asterisk Project Security Advisory - AST-2007-023
+------------------------------------------------------------------------+
| Product | Asterisk-Addons |
|--------------------+---------------------------------------------------|
| Summary | SQL Injection Vulnerability in cdr_addon_mysql |
|--------------------+---------------------------------------------------|
| Nature of Advisory | SQL Injection |
|--------------------+---------------------------------------------------|
| Susceptibility | Remote Unauthenticated Sessions |
|--------------------+---------------------------------------------------|
| Severity | Minor |
|--------------------+---------------------------------------------------|
| Exploits Known | Yes |
|--------------------+---------------------------------------------------|
| Reported On | October 16, 2007 |
|--------------------+---------------------------------------------------|
| Reported By | Humberto Abdelnur <humberto.abdelnur AT loria DOT |
| | fr> |
|--------------------+---------------------------------------------------|
| Posted On | October 16, 2007 |
|--------------------+---------------------------------------------------|
| Last Updated On | October 16, 2007 |
|--------------------+---------------------------------------------------|
| Advisory Contact | Tilghman Lesher <tlesher AT digium DOT com> |
|--------------------+---------------------------------------------------|
| CVE Name | CVE-2007-5488 |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Description | The source and destination numbers for a given call are |
| | not correctly escaped by the cdr_addon_mysql module when |
| | inserting a record. Therefore, a carefully crafted |
| | destination number sent to an Asterisk system running |
| | cdr_addon_mysql could escape out of a SQL data field and |
| | create another query. This vulnerability is made all the |
| | more severe if a user were using realtime data, since |
| | the data may exist in the same database as the inserted |
| | call detail record, thus creating all sorts of possible |
| | data corruption and invalidation issues. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Resolution | The Asterisk-addons package is not distributed with |
| | Asterisk, nor is it installed by default. The module may |
| | be either disabled or upgraded to fix this issue. |
+------------------------------------------------------------------------+
+------------------------------------------------------------------------+
| Revision History |
|------------------------------------------------------------------------|
| Date | Editor | Revisions Made |
|-----------------+-----------------------+------------------------------|
| 2007-10-16 | Tilghman Lesher | Initial release |
|-----------------+-----------------------+------------------------------|
| 2007-10-16 | Tilghman Lesher | Added CVE number |
+------------------------------------------------------------------------+
Asterisk Project Security Advisory - 2007-AST-023
Copyright (c) 2007 Digium, Inc. All Rights Reserved.
Permission is hereby granted to distribute and publish this advisory in its
original, unaltered form.
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum