CVE-2006-2020

2006-04-25T20:06:00
ID CVE-2006-2020
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:37:00

Description

Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf under the web document root with insufficient access control, which allows remote attackers to obtain password information. This vulnerability is addressed in the following product releases: Littlejohn Consulting, Asterisk Recording Interface, 0.10.00 and higher