APP: Digium Asterisk Manager User Shell Command Execution
This signature detects attempts to exploit a known vulnerability against Digium Asterisk. A successful attack can lead to arbitrary script code execution within the context of the vulnerable application.
Extended Description
Asterisk is prone to a security-bypass vulnerability that affects the manager interface. An attacker can exploit this issue to bypass certain security restrictions and execute shell commands within the context of the affected application.
Affected Products
Asterisk asterisk
Short Name
APP:DIGIUM-ASTERISK-MGR-CMDEXEC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Asterisk CVE-2012-2414 Command Digium Execution Manager Shell User bid:53206
Release Date
01/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/5038
False Positive
Unknown
Vendors
Red_hat
Asterisk
Debian
Gentoo
CVSS Score
6.5