Description: Dino A. Dai Zovi has reported a weakness in Asterisk, which can be exploited by malicious people to hijack a user session.
The weakness is caused by the HTTP Manager ID being predictable. This can be exploited to hijack a manager's session by guessing the session ID.
The weakness is reported in:
* Asterisk Open Source 1.4.x prior to 1.4.19-rc3
* Asterisk Open Source 1.6.x prior to 1.6.0-beta6
* Asterisk Business Edition C.x.x prior to C.1.6
* AsteriskNOW prior to 1.0.2
* Asterisk Appliance Developer Kit prior to SVN revision 104704
* s800i (Asterisk Appliance) prior to version 1.1.0.2
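The advisory's point is that a session identifier is only as strong as the randomness behind it. The following added example (not Asterisk code, and not taken from the advisory) shows a session-ID generator backed by the OS CSPRNG alongside an audit routine that flags a sample of observed identifiers as predictable. The `MIN_ENTROPY_BITS` floor, the gap and entropy thresholds, and the deliberately weak `weak_session_id` counter are all assumptions constructed for illustration.

```python
import math
import secrets
from collections import Counter

# Assumed policy floor for session-token entropy; not an Asterisk setting.
MIN_ENTROPY_BITS = 128


def generate_session_id(nbits: int = MIN_ENTROPY_BITS) -> str:
    """Return a hex session identifier drawn from the OS CSPRNG.

    secrets.token_hex(n) yields 2*n hex characters carrying 8*n bits.
    """
    if nbits % 8:
        raise ValueError("nbits must be a multiple of 8")
    return secrets.token_hex(nbits // 8)


def weak_session_id(counter: int) -> str:
    """Constructed example of a predictable generator: a zero-padded counter.

    Present only so the audit below has something to flag; never use it.
    """
    return f"{counter:08x}"


def per_char_entropy(ids) -> float:
    """Shannon entropy in bits per character over the concatenated sample.

    Uniformly random hex approaches 4.0; heavily repeated characters drag it down.
    """
    counts = Counter("".join(ids))
    total = sum(counts.values())
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def audit_session_ids(ids, min_bits: int = MIN_ENTROPY_BITS) -> list:
    """Audit a sample of observed hex session IDs; return a list of findings.

    An empty list means none of the heuristics fired. Checks:
      1. the identifier is too short to hold min_bits of keyspace;
      2. sorted values sit close together (counter- or timestamp-like);
      3. character entropy is far below that of random hex.
    The thresholds used here are assumptions chosen for illustration.
    """
    ids = list(ids)
    if len(ids) < 2:
        raise ValueError("need at least two identifiers to compare")
    findings = []

    lengths = {len(i) for i in ids}
    if len(lengths) != 1:
        findings.append("inconsistent identifier length")
    keyspace_bits = min(lengths) * 4  # each hex digit carries 4 bits
    if keyspace_bits < min_bits:
        findings.append(f"keyspace only {keyspace_bits} bits (< {min_bits})")

    values = sorted(int(i, 16) for i in ids)
    gaps = [b - a for a, b in zip(values, values[1:])]
    # For n uniformly random k-bit values the typical gap is about 2^k / n;
    # a counter produces gaps of 1, so a small maximum gap is a red flag.
    if max(gaps) < 2 ** 16:
        findings.append("counter-like: neighbouring values differ by less than 2^16")

    entropy = per_char_entropy(ids)
    if entropy < 3.0:
        findings.append(f"low character entropy: {entropy:.2f} bits/char")
    return findings


if __name__ == "__main__":
    strong = [generate_session_id() for _ in range(20)]
    weak = [weak_session_id(i) for i in range(1, 21)]
    print("strong:", audit_session_ids(strong) or "no findings")
    print("weak:  ", audit_session_ids(weak))
```

Run against a handful of identifiers captured from your own server's responses, the audit returns no findings for CSPRNG-backed tokens of adequate length, while a counter-style generator like the one in the advisory's class of weakness trips all three heuristics. The checks are coarse by design: they catch the obviously predictable cases, not subtle PRNG weaknesses, so treat a clean result as necessary rather than sufficient.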
Solution:
* Asterisk Open Source 1.4.x: Fixed in version 1.4.19-rc3.
* Asterisk Open Source 1.6.x: Fixed in version 1.6.0-beta6.
* Asterisk Business Edition C.x.x: Fixed in version C.1.6.
* AsteriskNOW: Update to 1.0.2.
* Asterisk Appliance Developer Kit: Fixed with SVN revision 104704.
* s800i (Asterisk Appliance): Update to version 1.1.0.2.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.