[asterisk-bugs] [Asterisk 0018482]: Undefined SIP users can exploit default context to make calls

Asterisk Bug Tracker noreply at bugs.digium.com
Wed Dec 15 23:57:12 UTC 2010


The following issue has been SUBMITTED. 
====================================================================== 
https://issues.asterisk.org/view.php?id=18482 
====================================================================== 
Reported By:                ngupta
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   18482
Category:                   Channels/chan_sip/General
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.37 
JIRA:                        
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2010-12-15 17:57 CST
Last Modified:              2010-12-15 17:57 CST
====================================================================== 
Summary:                    Undefined SIP users can exploit default context to make calls
Description: 
A SIP client can exploit the default context created on an Asterisk server.
Even when a user is not defined anywhere in the Asterisk config, that user can
place calls to users or extensions through the 'default' context.

This is reproducible. Setup info is simple:
1. Create an Asterisk server.
2. Don't configure any users.
3. Start the server.
4. Pick any SIP client, e.g. Xten X-Lite.
5. Enter all the info about the Asterisk server and pick a random user ID which
does not exist on Asterisk.
6. X-Lite will keep showing an error and the Asterisk logs will show 'No
matching peer found'.
7. X-Lite can still place calls to defined extensions.
8. If the outgoing dialplan is also part of the 'default' context, then that undefined
user is able to dial outside using the trunk.

I think this is a big security issue.
====================================================================== 
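The behaviour the reporter describes comes from two chan_sip defaults: when the [general] section of sip.conf omits allowguest, Asterisk treats it as allowguest=yes, and when it omits context, unauthenticated (guest) calls land in the 'default' context, so whatever that context can reach (including anything it pulls in via 'include =>') is reachable without credentials. The script below is an added audit example, not part of the report or of Asterisk itself: it parses a sip.conf and extensions.conf pair, resolves which dialplan contexts a guest caller can reach, and lists the Dial() targets inside them. The two sip.conf variants and the extensions.conf are constructed for the example, and the context name 'unauthenticated' in the hardened variant is an arbitrary choice.

```python
"""Audit an Asterisk sip.conf / extensions.conf pair for the guest-call
exposure in the report: unauthenticated SIP callers landing in a dialplan
context that can reach real extensions or a trunk.

The configs embedded below are constructed for this example; they are not
taken from the report or from any shipped Asterisk sample file.
"""
import re

# What chan_sip assumes when these options are absent from [general].
DEFAULT_ALLOWGUEST = "yes"
DEFAULT_CONTEXT = "default"

# Constructed weak config: allowguest not set (so yes), guests land in 'default'.
WEAK_SIP_CONF = """
[general]
bindport=5060
context=default
; allowguest is not set, so Asterisk defaults it to yes

[100]
type=friend
secret=example-only
context=internal
"""

# Constructed hardened config: guests refused, and if they were accepted
# they would land in an isolated context (name chosen for this example).
HARDENED_SIP_CONF = """
[general]
bindport=5060
allowguest=no
context=unauthenticated

[100]
type=friend
secret=example-only
context=internal
"""

# Constructed dialplan: 'default' pulls in both internal phones and the trunk.
EXTENSIONS_CONF = """
[default]
include => internal
include => outbound

[internal]
exten => 100,1,Dial(SIP/100)
exten => 101,1,Dial(SIP/101)

[outbound]
exten => _9NXXXXXX,1,Dial(SIP/trunk/${EXTEN:1})

[unauthenticated]
exten => _X.,1,Hangup()
"""


def parse_asterisk_conf(text):
    """Parse the [section] / key=value / key => value format into
    {section: [(key, value), ...]}; ';' starts a comment."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"^\[([^\]]+)\]", line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
            continue
        m = re.match(r"^([^=]+?)\s*=>?\s*(.*)$", line)
        if m and current is not None:
            sections[current].append((m.group(1).strip(), m.group(2).strip()))
    return sections


def general_option(sip_sections, key, default):
    """Last value of `key` in [general], or `default` when absent."""
    value = default
    for k, v in sip_sections.get("general", []):
        if k.lower() == key:
            value = v
    return value


def reachable_contexts(ext_sections, start):
    """Follow 'include =>' lines transitively from `start`."""
    seen, stack = set(), [start]
    while stack:
        ctx = stack.pop()
        if ctx in seen or ctx not in ext_sections:
            continue
        seen.add(ctx)
        stack.extend(v for k, v in ext_sections[ctx] if k.lower() == "include")
    return seen


def audit_guest_exposure(sip_conf, extensions_conf):
    """Describe what a SIP caller with no matching peer could reach."""
    sip = parse_asterisk_conf(sip_conf)
    ext = parse_asterisk_conf(extensions_conf)
    allowguest = general_option(sip, "allowguest", DEFAULT_ALLOWGUEST).lower()
    guest_ctx = general_option(sip, "context", DEFAULT_CONTEXT)
    if allowguest != "yes":
        return {"guests_allowed": False, "guest_context": guest_ctx,
                "reachable": set(), "dial_targets": []}
    ctxs = reachable_contexts(ext, guest_ctx)
    dials = [m.group(1) for ctx in ctxs for k, v in ext[ctx]
             if k.lower() == "exten"
             for m in [re.search(r"Dial\(([^,)]+)", v)] if m]
    return {"guests_allowed": True, "guest_context": guest_ctx,
            "reachable": ctxs, "dial_targets": sorted(dials)}


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_SIP_CONF), ("hardened", HARDENED_SIP_CONF)):
        print(label, audit_guest_exposure(conf, EXTENSIONS_CONF))
```

Against the weak config the audit reports guests allowed, contexts default, internal and outbound reachable, and the trunk Dial() among the targets, which is exactly step 8 of the report; against the hardened config it reports guests refused. Note that allowguest=no only closes the unauthenticated path; a guest context that is kept should still contain nothing beyond a Hangup() or a restricted menu, because 'include =>' lines are what turn 'default' into a free trunk.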

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2010-12-15 17:57 ngupta         New Issue                                    
2010-12-15 17:57 ngupta         Asterisk Version          => 1.4.37          
2010-12-15 17:57 ngupta         Regression                => No              
2010-12-15 17:57 ngupta         SVN Branch (only for SVN checkouts, not tarball releases) => N/A
======================================================================
