Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.3
CVSSv3

CVE-2016-9938

Published: 12/12/2016 Updated: 27/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Asterisk

Vulnerability Summary

An issue exists in Asterisk Open Source 11.x prior to 11.25.1, 13.x prior to 13.13.1, and 14.x prior to 14.2.1 and Certified Asterisk 11.x prior to 11.6-cert16 and 13.x prior to 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content between a SIP header name and a colon character. Rather than following RFC 3261 and stripping only spaces and horizontal tabs, Asterisk treats any non-printable ASCII character as if it were whitespace. This means that headers such as Contact\x01: will be seen as a valid Contact header. This mostly does not pose a problem until Asterisk is placed in tandem with an authenticating SIP proxy. In such a case, a crafty combination of valid and invalid To headers can cause a proxy to allow an INVITE request into Asterisk without authentication since it believes the request is an in-dialog request. However, because of the bug described above, the request will look like an out-of-dialog request to Asterisk. Asterisk will then process the request as a new call. The result is that Asterisk can process calls from unvetted sources without any authentication. If you do not use a proxy for authentication, then this issue does not affect you. If your proxy is dialog-aware (meaning that the proxy keeps track of what dialogs are currently valid), then this issue does not affect you. If you use chan_pjsip instead of chan_sip, then this issue does not affect you.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

digium asterisk 11.0.0

digium asterisk 11.0.1

digium asterisk 11.10.0

digium asterisk 11.10.1

digium asterisk 11.14.1

digium asterisk 11.14.2

digium asterisk 11.19.0

digium asterisk 11.2.0

digium asterisk 11.21.1

digium asterisk 11.1.0

digium asterisk 11.12.0

digium asterisk 11.12.1

digium asterisk 11.16.0

digium asterisk 11.17.0

digium asterisk 11.2.1

digium asterisk 11.2.2

digium asterisk 11.23.0

digium asterisk 11.23.1

digium asterisk 11.5.1

digium asterisk 11.6.0

digium asterisk 13.0.0

digium asterisk 13.11.0

digium asterisk 13.11.1

digium asterisk 13.2.1

digium asterisk 13.3.0

digium asterisk 13.7.1

digium asterisk 13.7.2

digium asterisk 11.21.2

digium asterisk 11.25.0

digium asterisk 11.3.0

digium asterisk 11.8.0

digium asterisk 11.8.1

digium asterisk 13.0.2

digium asterisk 13.1.0

digium asterisk 13.12.1

digium asterisk 13.12.2

digium asterisk 13.4.0

digium asterisk 13.5.0

digium asterisk 13.8.1

digium asterisk 13.8.2

digium asterisk 14.0.1

digium asterisk 14.0.2

digium asterisk 14.0.0

digium asterisk 14.1.2

digium asterisk 14.2.0

digium asterisk 11.1.1

digium asterisk 11.1.2

digium asterisk 11.13.0

digium asterisk 11.13.1

digium asterisk 11.14.0

digium asterisk 11.17.1

digium asterisk 11.18.0

digium asterisk 11.20.0

digium asterisk 11.21.0

digium asterisk 11.24.0

digium asterisk 11.24.1

digium asterisk 11.6.1

digium asterisk 11.7.0

digium asterisk 13.0.1

digium asterisk 13.11.2

digium asterisk 13.12.0

digium asterisk 13.3.1

digium asterisk 13.3.2

digium asterisk 13.8.0

digium asterisk 11.0.2

digium asterisk 11.10.2

digium asterisk 11.11.0

digium asterisk 11.15.0

digium asterisk 11.15.1

digium asterisk 11.22.0

digium asterisk 11.4.0

digium asterisk 11.5.0

digium asterisk 11.9.0

digium asterisk 13.1.1

digium asterisk 13.10.0

digium asterisk 13.13.0

digium asterisk 13.2.0

digium asterisk 13.6.0

digium asterisk 13.7.0

digium asterisk 13.9.0

digium asterisk 13.9.1

digium asterisk 14.1.0

digium asterisk 14.1.1

digium certified asterisk 11.0.0

digium certified asterisk 11.2.0

digium certified asterisk 11.4.0

digium certified asterisk 11.5.0

digium certified asterisk 11.6

digium certified asterisk 11.6.0

digium certified asterisk 11.1.0

digium certified asterisk 11.3.0

Vendor Advisories

Debian CVElist Bug Report Logs: asterisk: CVE-2016-9938
Debian Bug report logs - #847668 asterisk: CVE-2016-9938 Package: src:asterisk; Maintainer for src:asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 10 Dec 2016 14:57:05 UTC Severity: normal Tags: patch, security, upstream Mer ...

References

CWE-285http://downloads.asterisk.org/pub/security/AST-2016-009.htmlhttp://www.securityfocus.com/bid/94789http://www.securitytracker.com/id/1037408https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847668https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook