Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2022 Greenbone AGOPENVAS:1361412562310104449
HistoryDec 02, 2022 - 12:00 a.m.

Asterisk Multiple Vulnerabilities (AST-2022-007, AST-2022-008, AST-2022-009)

2022-12-0200:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
6
asterisk
multiple vulnerabilities
remote crash
denial of service
escalation of privileges
cve-2022-37325
cve-2022-42705
cve-2022-42706
open source
16.x
18.x
19.x
20.x

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON

Asterisk is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:digium:asterisk";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.104449");
  script_version("2023-12-19T05:05:25+0000");
  script_tag(name:"last_modification", value:"2023-12-19 05:05:25 +0000 (Tue, 19 Dec 2023)");
  script_tag(name:"creation_date", value:"2022-12-02 13:33:50 +0000 (Fri, 02 Dec 2022)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2022-12-07 17:27:00 +0000 (Wed, 07 Dec 2022)");

  script_cve_id("CVE-2022-37325", "CVE-2022-42705", "CVE-2022-42706");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Asterisk Multiple Vulnerabilities (AST-2022-007, AST-2022-008, AST-2022-009)");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("General");
  script_dependencies("gb_digium_asterisk_sip_detect.nasl");
  script_mandatory_keys("digium/asterisk/detected");

  script_tag(name:"summary", value:"Asterisk is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The following vulnerabilities exist:

  - CVE-2022-37325: Remote Crash Vulnerability in H323 channel add on due to an exploitable stack
  buffer underflow

  - CVE-2022-42705: Denial of service (DoS) due to an use after free in res_pjsip_pubsub.c

  - CVE-2022-42706: Escalation of privileges because the GetConfig AMI Action can read files outside
  of Asterisk directory");

  script_tag(name:"affected", value:"Asterisk Open Source 16.x, 18.x, 19.x, 20.x and 18.x Certified
  Asterisk.");

  script_tag(name:"solution", value:"Update to version 16.29.1, 18.9-cert3, 18.15.1, 19.7.1, 20.0.1
  or later.");

  script_xref(name:"URL", value:"https://downloads.asterisk.org/pub/security/AST-2022-007.html");
  script_xref(name:"URL", value:"https://downloads.asterisk.org/pub/security/AST-2022-008.html");
  script_xref(name:"URL", value:"https://downloads.asterisk.org/pub/security/AST-2022-009.html");

  exit(0);
}

include("host_details.inc");
include("revisions-lib.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!version = get_app_version(cpe: CPE, port: port))
  exit(0);

if (version =~ "^18\.") {
  if (version =~ "^18\.[0-9]cert") {
    if (revcomp(a: version, b: "18.9-cert3") < 0) {
      report = report_fixed_ver(installed_version: version, fixed_version: "18.9-cert3");
      security_message(port: port, data: report, proto: "udp");
      exit(0);
    }
  }
  else {
    if (version_is_less(version: version, test_version: "18.15.1")) {
      report = report_fixed_ver(installed_version: version, fixed_version: "18.15.1");
      security_message(port: port, data: report, proto: "udp");
      exit(0);
    }
  }
}

if (version_in_range_exclusive(version: version, test_version_lo: "16.0", test_version_up: "16.29.1")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "16.29.1");
  security_message(port: port, data: report, proto: "udp");
  exit(0);
}

if (version_in_range_exclusive(version: version, test_version_lo: "19.0", test_version_up: "19.7.1")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "19.7.1");
  security_message(port: port, data: report, proto: "udp");
  exit(0);
}

if (version_is_equal(version: version, test_version: "20.0.0")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "20.0.1");
  security_message(port: port, data: report, proto: "udp");
  exit(0);
}

exit(99);

Related

nessus 3
freebsd 1
debian 2
alpinelinux 3
osv 5
openvas 2
veracode 3
cvelist 3
debiancve 3
nvd 3
ubuntucve 3
prion 3
cve 3
nessus
nessus
FreeBSD : Asterisk -- multiple vulnerabilities (8dd438ed-a338-11ed-b48b-589cfc0f81b0)
2023-02-02 00:00:00
Debian DSA-5358-1 : asterisk - security update
2023-02-24 00:00:00
Debian DLA-3335-1 : asterisk - LTS security update
2023-02-24 00:00:00
freebsd
freebsd
Asterisk -- multiple vulnerabilities
2022-12-01 00:00:00
debian
debian
[SECURITY] [DSA 5358-1] asterisk security update
2023-02-23 09:14:43
[SECURITY] [DLA 3335-1] asterisk security update
2023-02-22 22:36:41
alpinelinux
alpinelinux
CVE-2022-42706
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10
CVE-2022-42705
2022-12-05 21:15:10
osv
osv
asterisk - security update
2023-02-23 00:00:00
asterisk - security update
2023-02-22 00:00:00
CVE-2022-42705
2022-12-05 21:15:10
openvas
openvas
Debian: Security Advisory (DSA-5358-1)
2023-02-24 00:00:00
Debian: Security Advisory (DLA-3335-1)
2023-02-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-12-13 12:22:58
Path Traversal
2022-12-13 23:44:07
Denial Of Service (DoS)
2022-12-13 23:44:04
cvelist
cvelist
CVE-2022-42706
2022-12-05 00:00:00
CVE-2022-37325
2022-12-05 00:00:00
CVE-2022-42705
2022-12-05 00:00:00
debiancve
debiancve
CVE-2022-42705
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10
CVE-2022-42706
2022-12-05 21:15:10
nvd
nvd
CVE-2022-42705
2022-12-05 21:15:10
CVE-2022-42706
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10
ubuntucve
ubuntucve
CVE-2022-37325
2022-12-05 00:00:00
CVE-2022-42706
2022-12-05 00:00:00
CVE-2022-42705
2022-12-05 00:00:00
prion
prion
Design/Logic Flaw
2022-12-05 21:15:00
Directory traversal
2022-12-05 21:15:00
Code injection
2022-12-05 21:15:00
cve
cve
CVE-2022-42706
2022-12-05 21:15:10
CVE-2022-42705
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON
Related for OPENVAS:1361412562310104449
nessus3freebsd1debian2alpinelinux3osv5openvas2veracode3cvelist3debiancve3nvd3ubuntucve3prion3cve3