Elastix 1.5 and 1.6 security vulnerability

If you’re still using Elastix 1.5 or 1.6 (or earlier) then it is critically important that you ensure you are not open to this vulnerability –

http://secunia.com/advisories/41330/

This allows anyone to download a list of extensions and secrets from your Elastix server, no password required! They can then use this information to place expensive calls through your server.

To test if you are vulnerable visit the following URLs in a web browser, replacing the IP address with your Elastix server IP –

http://x.x.x.x/modules/extensions_batch/libs/download_csv.php
https://x.x.x.x/modules/extensions_batch/libs/download_csv.php

The easiest way to secure your server from this is to delete the affected file (this was done in later releases) –

rm /var/www/html/modules/extensions_batch/libs/download_csv.php

There are active scans on the Internet looking for vulnerable servers.
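As an added example that is not part of the original post, the following POSIX shell helpers turn the check and the fix above into something an administrator can run on the server itself: they test whether the affected file is still under the web root, remove it, and count how many times the path has been requested in an Apache access log so you can see whether the scans mentioned above have already reached you. The web root /var/www/html comes from the post; the log path /var/log/httpd/access_log is an assumption for a CentOS-based Elastix install.

```shell
#!/bin/sh
# Added audit helpers for the Elastix download_csv.php issue (example code,
# not from the original post). Path of the affected file relative to the web root.
VULN_PATH="modules/extensions_batch/libs/download_csv.php"

# Returns 0 (still vulnerable) if the file exists under the web root, else 1.
elastix_file_present() {
    webroot="${1:-/var/www/html}"
    [ -f "$webroot/$VULN_PATH" ]
}

# The fix from the post: delete the file. Returns 0 once it is gone.
remove_vuln_file() {
    webroot="${1:-/var/www/html}"
    rm -f "$webroot/$VULN_PATH"
    [ ! -f "$webroot/$VULN_PATH" ]
}

# Prints how many access-log lines requested the affected path
# (grep -c exits 1 when the count is 0, so force success for callers using set -e).
count_probe_hits() {
    grep -c -F "/$VULN_PATH" "$1" || true
}

# Prints the distinct client IPs that requested the path, one per line
# (assumes Apache combined/common log format, client IP in field 1).
probe_sources() {
    grep -F "/$VULN_PATH" "$1" | awk '{print $1}' | sort -u
}

# Human-readable summary. Usage after sourcing this file:
#   audit_report /var/www/html /var/log/httpd/access_log   (log path is an assumption)
audit_report() {
    webroot="$1"
    logfile="$2"
    if elastix_file_present "$webroot"; then
        echo "VULNERABLE: $webroot/$VULN_PATH exists; run: remove_vuln_file $webroot"
    else
        echo "OK: $VULN_PATH is not present under $webroot"
    fi
    if [ -r "$logfile" ]; then
        echo "requests for $VULN_PATH in $logfile: $(count_probe_hits "$logfile")"
        echo "distinct sources:"
        probe_sources "$logfile"
    fi
}
```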

4 thoughts on “Elastix 1.5 and 1.6 security vulnerability”

  1. matt (Post author)

    That’s true, it’s old. I should have made that clear. However I’m seeing scans for it so I thought I’d post a warning.

  2. matt (Post author)

    Definitely. And out of all the available Asterisk distributions I think Elastix is the one that needs a little extra effort to secure it as it includes lots of additional packages.
