[asterisk-dev] security breach via call-limit/groupcount
Marek Cervenka
cervajs at fpf.slu.cz
Mon Feb 24 10:34:33 CST 2014
Hi,
I have access to one box with Asterisk 1.8 where an attacker can go through call-limit/groupcount.
The SIP scenario was:
INVITE from: X TO: Y
INVITE (authorization) from: X TO: Y
INVITE (in-dialog) from: X TO: Y
REFER (in-dialog) refer-by: X refer-TO: Y
In the CDR I see (there is groupcount info):
src, dst, billsec, userfield, dialstatus
X, Y, T>5, groupcount=1:call-limit=2, ANSWERED
X, Y, T<5, groupcount=2:call-limit=2, ANSWERED
X, Y, T>5, groupcount=1:call-limit=2, ANSWERED
X, Y, T<5, groupcount=2:call-limit=2, ANSWERED
...
It seems like the SIP scenario is resetting the groupcount info and call-limit is not working.
I'm trying asterisk-dev to see if some experienced developer can confirm that the SIP scenario cannot "harm" Asterisk.
Do you think the upgrade to Asterisk 11 can help?
--
---------------------------------------
Marek Cervenka
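
An added example, not part of the original post: one way to check CDRs like those quoted above for calls where the recorded groupcount disagrees with the concurrency rebuilt from call timestamps, or where real concurrency exceeds call-limit. The `start`/`end` columns, the use of `src` as the group key, and all sample rows are assumptions constructed for illustration.

```python
import csv, io, re
from datetime import datetime

# Constructed sample CDR export (not data from the post). The start/end columns
# are assumed to be exported alongside the userfield shown in the post.
SAMPLE_CDR = """\
src,dst,start,end,userfield
X,Y,2014-02-24 10:00:00,2014-02-24 10:05:00,groupcount=1:call-limit=2
X,Y,2014-02-24 10:00:10,2014-02-24 10:00:13,groupcount=2:call-limit=2
X,Y,2014-02-24 10:00:20,2014-02-24 10:04:00,groupcount=1:call-limit=2
X,Y,2014-02-24 10:00:30,2014-02-24 10:00:33,groupcount=2:call-limit=2
Z,Y,2014-02-24 10:00:00,2014-02-24 10:01:00,groupcount=1:call-limit=2
"""
USERFIELD_RE = re.compile(r"groupcount=(\d+):call-limit=(\d+)")
FMT = "%Y-%m-%d %H:%M:%S"

def load_calls(text):
    """Parse CDR rows, keeping only those that carry the counter userfield."""
    calls = []
    for row in csv.DictReader(io.StringIO(text)):
        m = USERFIELD_RE.search(row["userfield"] or "")
        if m:
            calls.append({
                "src": row["src"],
                "start": datetime.strptime(row["start"], FMT),
                "end": datetime.strptime(row["end"], FMT),
                "recorded": int(m.group(1)), "limit": int(m.group(2)),
            })
    return calls

def audit(calls):
    """Compare the recorded groupcount with concurrency rebuilt from timestamps."""
    findings = []
    for c in calls:
        # Calls from the same src (assumed group key) in progress when c starts.
        actual = sum(1 for o in calls if o is c or
                     (o["src"] == c["src"] and o["start"] <= c["start"] < o["end"]))
        when = c["start"].strftime(FMT)
        if actual > c["limit"]:
            findings.append((c["src"], when, "over_limit", c["recorded"], actual))
        elif actual != c["recorded"]:
            findings.append((c["src"], when, "counter_mismatch", c["recorded"], actual))
    return findings

if __name__ == "__main__":
    for finding in audit(load_calls(SAMPLE_CDR)):
        print(finding)
```

Each finding is (src, call start, kind, recorded groupcount, rebuilt concurrency); a steady stream of `counter_mismatch` rows for one source is the signal that the counter is no longer tracking live calls.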