path: root/main/astfd.c
author: Jonathan Rose <jrose@digium.com> 2012-04-23 14:48:22 +0000
committer: Jonathan Rose <jrose@digium.com> 2012-04-23 14:48:22 +0000
commit: ceefcf883923da7f37ec6515b2ecfc545c75e53f (patch)
tree: ba1c91f581042e4ec033076e6005d4827ae3740d /main/astfd.c
parent: e8e12afc6a0fa44f517397d88c2eaabe9b348015 (diff)
AST-2012-004: Fix an error that allows AMI users to run shell commands sans authorization.

As detailed in the advisory, AMI users without write authorization for SYSTEM class AMI actions were able to run system commands by going through other AMI commands which did not require that authorization. Specifically, GetVar and Status allowed users to do this by setting their variable/s options to the SHELL or EVAL functions. Also, within 1.8, 10, and trunk there was a similar flaw with the Originate action that allowed users with originate permission to run MixMonitor and supply a shell command in the Data argument. That flaw is fixed in those versions of this patch.

(closes issue ASTERISK-17465)
Reported By: David Woolley
Patches:
  162_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
  18_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
  10_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
........
Merged revisions 363117 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363141 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363156 from http://svn.asterisk.org/svn/asterisk/branches/10

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@363159 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main/astfd.c')
0 files changed, 0 insertions, 0 deletions