FreePBX SIP Packet Multiple HTML Injection Vulnerabilities

Bugtraq ID:	23575
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 20 2007 12:00AM
Updated:	Oct 01 2010 06:10PM
Credit:	XenoMuta is credited with the discovery of these vulnerabilities.
Vulnerable:	freePBX freePBX 2.2.1 freePBX freePBX 2.2 rc1
Not Vulnerable:

FreePBX SIP Packet Multiple HTML Injection Vulnerabilities

FreePBX is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content.

Attacker-supplied HTML and script code may be executed in the context of the affected web application, potentially allowing the attacker to steal cookie-based authentication credentials, control how the web application is displayed to the user, or manipulate the underlying PBX application; other attacks are also possible.

FreePBX 2.2. series is vulnerable to these issues.

FreePBX SIP Packet Multiple HTML Injection Vulnerabilities

The following exploit code is available:

• /data/vulnerabilities/exploits/23575.php

FreePBX SIP Packet Multiple HTML Injection Vulnerabilities

Solution:
Updates are available; please see the references for more information.

FreePBX SIP Packet Multiple HTML Injection Vulnerabilities

References:

• FreePBX Homepage (FreePBX)
  
• Ticket #2776 Cross Site Scripting Vulnearbility in Asterisk Log Module (xenomuta)