Vulnerability Details : CVE-2018-17281
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket.
Products affected by CVE-2018-17281
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- Digium » Asterisk » Standard Edition, versions from 15.0.0 (inclusive) up to and including 15.6.0: cpe:2.3:a:digium:asterisk:*:*:*:*:standard:*:*:*
- Digium » Asterisk » LTS Edition, versions from 13.0.0 (inclusive) up to and including 13.23.0: cpe:2.3:a:digium:asterisk:*:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert13:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert14:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert15:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert12:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert2:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert3:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert4:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert5:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert6:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert3:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.21:cert2:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert1:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert8:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.8:cert2:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert5:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert7:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert17:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.8:cert3:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.8:cert4:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.8:cert1:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert4:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.21:cert1:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert7:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.13:cert9:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert6:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert8:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert16:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert18:*:*:lts:*:*:*
Threat overview for CVE-2018-17281
Top countries where our scanners detected CVE-2018-17281
Top open port discovered on systems with this issue: 8088 (the default port of Asterisk's built-in HTTP server, which is where the WebSocket upgrade request is received)
IPs affected by CVE-2018-17281: 10,985
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2018-17281
59.04%: probability of exploitation activity in the next 30 days
EPSS Score History
~98%: percentile, i.e. the proportion of all scored vulnerabilities with an EPSS score at or below this one
CVSS scores for CVE-2018-17281
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST |

The first row is a CVSS v2 vector, the second a CVSS v3.0 vector; both describe the same unauthenticated, network-reachable availability impact (C:N/I:N, A:P in v2 and A:H in v3.0), which is why v3.0 rates it HIGH while v2 rates it MEDIUM.
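The two NIST rows above can be reproduced from their vector strings with the published CVSS equations. The following Python is an added example written for this page; it is not code from the CVE database, NIST or the Asterisk project. The metric weights and rounding rules are those of the CVSS v2 guide and the CVSS v3.0 specification (v3.0's Roundup is a plain ceiling to one decimal, not the v3.1 integer variant), and the scope-changed branch of the v3.0 formula is included so the function also handles vectors beyond the one on this page.

```python
"""CVSS v2 and v3.0 base-score calculator (added example; not NIST or Asterisk code)."""
import math

# CVSS v2 metric weights, as published in the CVSS v2 guide.
_V2_AV = {"L": 0.395, "A": 0.646, "N": 1.0}
_V2_AC = {"H": 0.35, "M": 0.61, "L": 0.71}
_V2_AU = {"M": 0.45, "S": 0.56, "N": 0.704}
_V2_CIA = {"N": 0.0, "P": 0.275, "C": 0.660}

# CVSS v3.0 metric weights, as published in the CVSS v3.0 specification.
_V3_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.2}
_V3_AC = {"L": 0.77, "H": 0.44}
_V3_PR = {  # Privileges Required weight depends on Scope (U = unchanged, C = changed)
    "U": {"N": 0.85, "L": 0.62, "H": 0.27},
    "C": {"N": 0.85, "L": 0.68, "H": 0.50},
}
_V3_UI = {"N": 0.85, "R": 0.62}
_V3_CIA = {"N": 0.0, "L": 0.22, "H": 0.56}


def parse_vector(vector):
    """Turn 'AV:N/AC:L/...' into a dict; a leading 'CVSS:3.0' tag is dropped."""
    parts = [p for p in vector.split("/") if not p.startswith("CVSS:")]
    return dict(p.split(":", 1) for p in parts)


def _round1(x):
    """CVSS v2 rounding: one decimal place, halves rounded up."""
    return math.floor(x * 10 + 0.5) / 10


def _roundup(x):
    """CVSS v3.0 Roundup(): the smallest one-decimal value >= x."""
    return math.ceil(x * 10) / 10


def cvss2_base(vector):
    """Base, exploitability and impact sub-scores for a CVSS v2 vector."""
    m = parse_vector(vector)
    impact = 10.41 * (1 - (1 - _V2_CIA[m["C"]]) * (1 - _V2_CIA[m["I"]]) * (1 - _V2_CIA[m["A"]]))
    exploitability = 20 * _V2_AV[m["AV"]] * _V2_AC[m["AC"]] * _V2_AU[m["Au"]]
    f_impact = 0.0 if impact == 0 else 1.176  # f(Impact) term of the v2 equation
    base = (0.6 * impact + 0.4 * exploitability - 1.5) * f_impact
    return {"base": _round1(base), "exploitability": _round1(exploitability), "impact": _round1(impact)}


def cvss3_base(vector):
    """Base, exploitability and impact sub-scores for a CVSS v3.0 vector."""
    m = parse_vector(vector)
    scope = m["S"]
    iss = 1 - (1 - _V3_CIA[m["C"]]) * (1 - _V3_CIA[m["I"]]) * (1 - _V3_CIA[m["A"]])
    if scope == "U":
        impact = 6.42 * iss
    else:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    exploitability = (8.22 * _V3_AV[m["AV"]] * _V3_AC[m["AC"]]
                      * _V3_PR[scope][m["PR"]] * _V3_UI[m["UI"]])
    if impact <= 0:
        base = 0.0
    elif scope == "U":
        base = _roundup(min(impact + exploitability, 10))
    else:
        base = _roundup(min(1.08 * (impact + exploitability), 10))
    return {"base": base, "exploitability": _roundup(exploitability), "impact": _roundup(impact)}


def severity(score, version=3):
    """Qualitative rating. v3.0 has None and Critical bands; v2 uses only Low/Medium/High."""
    if version == 2:
        return "LOW" if score < 4.0 else "MEDIUM" if score < 7.0 else "HIGH"
    if score == 0:
        return "NONE"
    if score < 4.0:
        return "LOW"
    if score < 7.0:
        return "MEDIUM"
    if score < 9.0:
        return "HIGH"
    return "CRITICAL"


if __name__ == "__main__":
    # The two vectors NIST published for CVE-2018-17281.
    for vec, ver in (("AV:N/AC:L/Au:N/C:N/I:N/A:P", 2),
                     ("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", 3)):
        r = cvss2_base(vec) if ver == 2 else cvss3_base(vec)
        print(f"CVSS v{ver} {vec}: {r} -> {severity(r['base'], ver)}")
```

Running it yields 5.0/10.0/2.9 for the v2 vector and 7.5/3.9/3.6 for the v3.0 vector, matching the NIST rows. The v2 rounding is a conventional half-up to one decimal while v3.0 always rounds up, so the same underlying numbers can land on different decimals; that is the usual reason a hand-computed score disagrees with NVD by 0.1.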
CWE ids for CVE-2018-17281
- The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2018-17281
- https://seclists.org/bugtraq/2018/Sep/53
  Bugtraq: AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade (Mailing List; Patch; Third Party Advisory)
- https://security.gentoo.org/glsa/201811-11
  Asterisk: Multiple vulnerabilities (GLSA 201811-11), Gentoo security (Third Party Advisory)
- http://downloads.asterisk.org/pub/security/AST-2018-009.html
  AST-2018-009 (Patch; Vendor Advisory)
- http://seclists.org/fulldisclosure/2018/Sep/31
  Full Disclosure: AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade (Mailing List; Patch; Third Party Advisory)
- http://www.securityfocus.com/bid/105389
  Multiple Asterisk Products CVE-2018-17281 Remote Stack Overflow Vulnerability (Third Party Advisory; VDB Entry)
- https://lists.debian.org/debian-lts-announce/2018/09/msg00034.html
  [SECURITY] [DLA 1523-1] asterisk security update (Mailing List; Third Party Advisory)
- http://www.securitytracker.com/id/1041694
  Asterisk Stack Overflow in HTTP Websocket Upgrade Lets Remote Users Cause the Target Service to Crash, SecurityTracker (Third Party Advisory; VDB Entry)
- http://packetstormsecurity.com/files/149453/Asterisk-Project-Security-Advisory-AST-2018-009.html
  Asterisk Project Security Advisory - AST-2018-009, Packet Storm (Third Party Advisory; VDB Entry)
- https://issues.asterisk.org/jira/browse/ASTERISK-28013
  [ASTERISK-28013] res_http_websocket: Crash when reading HTTP Upgrade requests, Digium/Asterisk JIRA (Issue Tracking; Third Party Advisory)
- https://www.debian.org/security/2018/dsa-4320
  Debian Security Information: DSA-4320-1 asterisk (Third Party Advisory)