ID CVE-2006-4346
Summary Asterisk 1.2.10 builds the target filename of the Record() application from client-controlled channel variables, as demonstrated by the CALLERIDNAME variable. Because that caller-supplied name is not validated before it is used as a filename, a remote attacker can (1) execute code via format string specifiers embedded in the name or (2) overwrite files via directory traversal involving unspecified vectors. Fixed in 1.2.11.
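The bug class the summary describes, as an added illustration that is not Asterisk's code and not the project's fix: a caller-controlled name that first reaches a printf-style format argument and then a path, beside a hardened builder that allow-lists the name and keeps it behind a fixed "%s" conversion. RECORD_DIR, the function names and the sample names are assumptions for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Base directory for recordings; an assumption for this example, not an Asterisk default. */
#define RECORD_DIR "/var/spool/asterisk/recordings/"

/* Vulnerable pattern (hypothetical illustration of the bug class, not Asterisk's code).
 * The caller-controlled name is pasted into a buffer that is then used as the
 * format argument of snprintf, so "%x"/"%n" inside the name are interpreted
 * (memory disclosure / memory write); nothing rejects "../", so the result can
 * leave RECORD_DIR. Only call it with names free of '%': anything else is
 * undefined behaviour. */
int build_path_vulnerable(char *out, size_t outlen, const char *callerid_name, int seq)
{
    char fmt[512];
    snprintf(fmt, sizeof fmt, "%s%s.wav", RECORD_DIR, callerid_name);
    return snprintf(out, outlen, fmt, seq);  /* BUG: attacker data used as the format */
}

/* Returns 1 if s contains a printf conversion character, 0 otherwise. */
int has_format_spec(const char *s)
{
    return strchr(s, '%') != NULL;
}

/* Returns 1 if s contains a path separator or a ".." sequence, 0 otherwise. */
int has_traversal(const char *s)
{
    return strchr(s, '/') != NULL || strchr(s, '\\') != NULL || strstr(s, "..") != NULL;
}

/* Allow-list check: 1..64 bytes of [A-Za-z0-9_-]. This rejects '%', '/', '\\'
 * and '.' in one go, which is simpler and stronger than denying known-bad
 * sequences one at a time. Returns 1 if safe, 0 otherwise. */
int record_name_is_safe(const char *s)
{
    size_t n = strlen(s);
    if (n == 0 || n > 64)
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!(isalnum(c) || c == '_' || c == '-'))
            return 0;
    }
    return 1;
}

/* Hardened builder: validates the name and passes it only through a %s
 * conversion of a fixed format, so caller data can never act as a format.
 * Returns 0 and fills out on success, -1 if the name is rejected or truncated. */
int build_path_hardened(char *out, size_t outlen, const char *callerid_name, int seq)
{
    if (!record_name_is_safe(callerid_name))
        return -1;
    int w = snprintf(out, outlen, "%s%s-%d.wav", RECORD_DIR, callerid_name, seq);
    if (w < 0 || (size_t)w >= outlen)
        return -1;
    return 0;
}

/* Self-check: 1 if the hardened builder accepts a benign name with the expected
 * result and rejects both attack strings, 0 otherwise. */
int self_check(void)
{
    char buf[256];
    if (build_path_hardened(buf, sizeof buf, "alice-01", 7) != 0)
        return 0;
    if (strcmp(buf, RECORD_DIR "alice-01-7.wav") != 0)
        return 0;
    if (build_path_hardened(buf, sizeof buf, "%x%x%x%n", 7) != -1)
        return 0;
    if (build_path_hardened(buf, sizeof buf, "../../../etc/cron.d/x", 7) != -1)
        return 0;
    return 1;
}

int main(void)
{
    char buf[256];
    /* Traversal through the vulnerable builder (no '%' in the name, so well defined). */
    build_path_vulnerable(buf, sizeof buf, "../../../etc/cron.d/x", 1);
    printf("vulnerable builder wrote: %s\n", buf);
    printf("hardened self-check: %s\n", self_check() ? "ok" : "FAILED");
    return self_check() ? 0 : 1;
}
```

The two deny-list helpers show which input each vector needs; the allow-list in record_name_is_safe is the check to deploy, since it also covers separators, NUL-adjacent tricks and overlong names without enumerating them.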
References
Vulnerable Configurations
  • cpe:2.3:a:digium:asterisk:1.2.10:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 17-10-2018 - 21:36)
Impact: 6.4
Exploitability: 10.0
CWE NVD-CWE-Other
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 19683
bugtraq 20060825 Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)
confirm http://www.sineapps.com/news.php?rssid=1448
gentoo GLSA-200610-15
misc http://labs.musecurity.com/advisories/MU-200608-01.txt
sectrack 1016742
secunia 22651
vupen ADV-2006-3372
xf
  • asterisk-record-code-execution(28544)
  • asterisk-record-directory-traversal(28564)
Last major update 17-10-2018 - 21:36
Published 24-08-2006 - 20:04
Last modified 17-10-2018 - 21:36