Computer Security
[EN] no-pyccku

Asterisk cdr_addon_mysql SQL injection
SecurityVulns ID:8271
Threat Level:
Description:SQL injection with destination number.
Affected:ASTERISK : Asterisk 1.2
 DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk s800i
CVE:CVE-2007-5488 (Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.)
Original documentdocumentASTERISK, AST-2007-023 - SQL Injection Vulnerabilty in cdr_addon_mysql (18.10.2007)
Files:Exploits Asterisk cdr_addon_mysql CSS

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod