Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2022 Greenbone AGOPENVAS:1361412562310104449
HistoryDec 02, 2022 - 12:00 a.m.

Asterisk Multiple Vulnerabilities (AST-2022-007, AST-2022-008, AST-2022-009)

2022-12-0200:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
10
asterisk
multiple vulnerabilities
remote crash
denial of service
escalation of privileges
cve-2022-37325
cve-2022-42705
cve-2022-42706
open source
16.x
18.x
19.x
20.x

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.1

Confidence

High

EPSS

0.004

Percentile

74.4%

JSON

Asterisk is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:digium:asterisk";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.104449");
  script_version("2023-12-19T05:05:25+0000");
  script_tag(name:"last_modification", value:"2023-12-19 05:05:25 +0000 (Tue, 19 Dec 2023)");
  script_tag(name:"creation_date", value:"2022-12-02 13:33:50 +0000 (Fri, 02 Dec 2022)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2022-12-07 17:27:00 +0000 (Wed, 07 Dec 2022)");

  script_cve_id("CVE-2022-37325", "CVE-2022-42705", "CVE-2022-42706");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Asterisk Multiple Vulnerabilities (AST-2022-007, AST-2022-008, AST-2022-009)");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("General");
  script_dependencies("gb_digium_asterisk_sip_detect.nasl");
  script_mandatory_keys("digium/asterisk/detected");

  script_tag(name:"summary", value:"Asterisk is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The following vulnerabilities exist:

  - CVE-2022-37325: Remote Crash Vulnerability in H323 channel add on due to an exploitable stack
  buffer underflow

  - CVE-2022-42705: Denial of service (DoS) due to an use after free in res_pjsip_pubsub.c

  - CVE-2022-42706: Escalation of privileges because the GetConfig AMI Action can read files outside
  of Asterisk directory");

  script_tag(name:"affected", value:"Asterisk Open Source 16.x, 18.x, 19.x, 20.x and 18.x Certified
  Asterisk.");

  script_tag(name:"solution", value:"Update to version 16.29.1, 18.9-cert3, 18.15.1, 19.7.1, 20.0.1
  or later.");

  script_xref(name:"URL", value:"https://downloads.asterisk.org/pub/security/AST-2022-007.html");
  script_xref(name:"URL", value:"https://downloads.asterisk.org/pub/security/AST-2022-008.html");
  script_xref(name:"URL", value:"https://downloads.asterisk.org/pub/security/AST-2022-009.html");

  exit(0);
}

include("host_details.inc");
include("revisions-lib.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!version = get_app_version(cpe: CPE, port: port))
  exit(0);

if (version =~ "^18\.") {
  if (version =~ "^18\.[0-9]cert") {
    if (revcomp(a: version, b: "18.9-cert3") < 0) {
      report = report_fixed_ver(installed_version: version, fixed_version: "18.9-cert3");
      security_message(port: port, data: report, proto: "udp");
      exit(0);
    }
  }
  else {
    if (version_is_less(version: version, test_version: "18.15.1")) {
      report = report_fixed_ver(installed_version: version, fixed_version: "18.15.1");
      security_message(port: port, data: report, proto: "udp");
      exit(0);
    }
  }
}

if (version_in_range_exclusive(version: version, test_version_lo: "16.0", test_version_up: "16.29.1")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "16.29.1");
  security_message(port: port, data: report, proto: "udp");
  exit(0);
}

if (version_in_range_exclusive(version: version, test_version_lo: "19.0", test_version_up: "19.7.1")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "19.7.1");
  security_message(port: port, data: report, proto: "udp");
  exit(0);
}

if (version_is_equal(version: version, test_version: "20.0.0")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "20.0.1");
  security_message(port: port, data: report, proto: "udp");
  exit(0);
}

exit(99);

Related

freebsd 1
nessus 3
debian 2
openvas 2
osv 5
alpinelinux 3
veracode 3
cvelist 3
ubuntucve 3
nvd 3
prion 3
debiancve 3
cve 3
freebsd
freebsd
Asterisk -- multiple vulnerabilities
2022-12-01 00:00:00
nessus
nessus
FreeBSD : Asterisk -- multiple vulnerabilities (8dd438ed-a338-11ed-b48b-589cfc0f81b0)
2023-02-02 00:00:00
Debian DLA-3335-1 : asterisk - LTS security update
2023-02-24 00:00:00
Debian DSA-5358-1 : asterisk - security update
2023-02-24 00:00:00
debian
debian
[SECURITY] [DLA 3335-1] asterisk security update
2023-02-22 22:36:41
[SECURITY] [DSA 5358-1] asterisk security update
2023-02-23 09:14:43
openvas
openvas
Debian: Security Advisory (DSA-5358-1)
2023-02-24 00:00:00
Debian: Security Advisory (DLA-3335-1)
2023-02-23 00:00:00
osv
osv
asterisk - security update
2023-02-23 00:00:00
asterisk - security update
2023-02-22 00:00:00
CVE-2022-42706
2022-12-05 21:15:10
alpinelinux
alpinelinux
CVE-2022-42706
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10
CVE-2022-42705
2022-12-05 21:15:10
veracode
veracode
Denial Of Service (DoS)
2022-12-13 12:22:58
Path Traversal
2022-12-13 23:44:07
Denial Of Service (DoS)
2022-12-13 23:44:04
cvelist
cvelist
CVE-2022-42706
2022-12-05 00:00:00
CVE-2022-37325
2022-12-05 00:00:00
CVE-2022-42705
2022-12-05 00:00:00
ubuntucve
ubuntucve
CVE-2022-37325
2022-12-05 00:00:00
CVE-2022-42705
2022-12-05 00:00:00
CVE-2022-42706
2022-12-05 00:00:00
nvd
nvd
CVE-2022-42705
2022-12-05 21:15:10
CVE-2022-42706
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10
prion
prion
Design/Logic Flaw
2022-12-05 21:15:00
Code injection
2022-12-05 21:15:00
Directory traversal
2022-12-05 21:15:00
debiancve
debiancve
CVE-2022-37325
2022-12-05 21:15:10
CVE-2022-42705
2022-12-05 21:15:10
CVE-2022-42706
2022-12-05 21:15:10
cve
cve
CVE-2022-42706
2022-12-05 21:15:10
CVE-2022-42705
2022-12-05 21:15:10
CVE-2022-37325
2022-12-05 21:15:10

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.1

Confidence

High

EPSS

0.004

Percentile

74.4%

JSON
Related for OPENVAS:1361412562310104449
freebsd1nessus3debian2openvas2osv5alpinelinux3veracode3cvelist3ubuntucve3nvd3prion3debiancve3cve3