Open Source Training Seminar FreePBX Paid Support

Ticket #2776 (closed Bugs: fixed)

Opened 4 months ago

Last modified 1 week ago

Cross Site Scripting Vulnearbility in Asterisk Log Module

Reported by: xenomuta Assigned to: gregmac
Priority: major Milestone: 2.5
Component: Web interface Version: 2.4-branch
Keywords: Cc:
Confirmation: Confirmed SVN Revision (if applicable):
Backend Engine: All Backend Engine Version:

Description

An input validation error exists in admin/modules/logfiles/asterisk-full-log.php when displaying parts of /var/log/asterisk/full. This can be exploited via specially crafted SIP packets to insert arbitrary HTML and script code, which is executed in an administrative user's browser session in context of an affected site when the malicious log entry is viewed.

Change History

04/06/08 20:41:43 changed by p_lindheimer

  • confirmation changed from Unreviewed to Confirmed.
  • milestone changed from Cut Line to 3.0.

07/13/08 21:22:26 changed by p_lindheimer

ok - who knows of a good html filter that we can incorporate to filter this text (that does not require php5)?

07/15/08 10:33:02 changed by errr

Why not just use sed like you already are?

=> cat test <html> not html

p><html> this > that<

=> cat test|sed -e "s/$/<br>/"| sed -e "s,<,\&gt;,g"|sed -e "s,>,\&lt;,g" &gt;html&lt;&gt;br&lt; not html&gt;br&lt; &lt;p&lt;&gt;html&lt; this &lt; that&gt;&gt;br&lt; &gt;br&lt;

07/15/08 10:44:58 changed by errr

Sorry, it would need to be: sed -e "s,<,\&lt;,g"|sed -e "s,>,\&gt;,g"|sed -e "s/$/<br>/g"

07/16/08 08:15:24 changed by p_lindheimer

  • status changed from new to closed.
  • resolution set to fixed.

err hmm, maybe it is as simple as that?

r6030, r6031, r6032, r6034, r6035, r6036 versions 2.3, 2.4 and 2.5 fixed

Donate



Support
Download
Develop
Forums
News
Documentation
Paid Support
About

Paid Ads