This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: A critical flaw in the `res_http_websocket.so` module of Asterisk. <br>π₯ **Consequences**: Sending a crafted HTTP request causes the Asterisk system to **crash** (Denial of Service).β¦
π **Threshold**: **LOW**. <br>π **Auth**: Likely **Remote** and **Unauthenticated** (HTTP request based). <br>βοΈ **Config**: Requires the WebSocket module to be enabled/accessible.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π’ **Public Exp?**: Yes. <br>π **Evidence**: References include **Full Disclosure mailing list** (20180920) and **Debian LTS** security updates. This indicates public awareness and potential PoC availability.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Check Asterisk version (`asterisk -rv`). <br>2. Verify if version is β€ 13.23.0 or β€ 14.7.7. <br>3. Scan for open WebSocket ports (usually 80/443/8088) and test HTTP upgrade headers.
Q8Is it fixed officially? (Patch/Mitigation)
π‘οΈ **Fixed?**: **YES**. <br>π₯ **Patch**: Updates are available via **Debian DSA-4320** and **Asterisk JIRA ASTERISK-28013**. Upgrade to patched versions immediately.
Q9What if no patch? (Workaround)
π§ **No Patch Workaround**: <br>1. **Block** external access to WebSocket ports (firewall rules). <br>2. **Disable** the `res_http_websocket.so` module if not needed. <br>3. Restrict HTTP access to trusted IPs only.
Q10Is it urgent? (Priority Suggestion)
π₯ **Urgency**: **HIGH**. <br>β‘ **Reason**: Remote crash capability with low exploitation threshold. Critical for PBX systems handling voice calls. Patch immediately to prevent service disruption.