[asterisk-bugs] [Asterisk 0018482]: Undefined SIP users can exploit default context to make calls

Asterisk Bug Tracker noreply at bugs.digium.com
Thu Dec 16 15:24:49 UTC 2010


The following issue has been UPDATED. 
====================================================================== 
https://issues.asterisk.org/view.php?id=18482 
====================================================================== 
Reported By:                ngupta
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   18482
Category:                   Channels/chan_sip/General
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     closed
Asterisk Version:           1.4.37 
JIRA:                        
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
Resolution:                 no change required
Fixed in Version:           
====================================================================== 
Date Submitted:             2010-12-15 17:57 CST
Last Modified:              2010-12-16 09:24 CST
====================================================================== 
Summary:                    Undefined SIP users can exploit default context to
make calls
Description: 
A sip client can exploit the default context created in asterisk server.
Even when a user is not defined anywhere in asterisk config, that user can
place calls to users or extensions through 'default' context.

This is reproducible. Setup info is simple:
1. create an asterisk server
2. Dont care for any users
3. Start server
4. Pick any SIP client e.g. xten lite
5. Enter all info about asterisk server and pick a random user ID which
does not exist on asterisk.
6. xten lite will keep showing some error and asterisk logs will show 'No
matching peer found'
7. xten lite can still place calls to defined extensions
8. if outgoing plan is also part of 'default' context, then that undefined
user was able to dial outside using trunk.

I think this is a big security issue.
====================================================================== 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2010-12-16 09:24 lmadsen        Status                   new => closed       
2010-12-16 09:24 lmadsen        Resolution               open => no change
required
======================================================================




More information about the asterisk-bugs mailing list