2 matches found
The vulnerability of the app_minivm module in the MinivmNotify application of Asterisk and Certified Asterisk management systems allows a perpetrator to execute arbitrary commands.
The vulnerability of the appminivm module in the MinivmNotify application of the Asterisk control system and Certified Asterisk is related to insufficient validation of input data transmitted using the “externnotify” option. The identifier’s name and number, obtained from an unreliable source, ar...
UBUNTU-CVE-2017-14100
In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The appminivm module has an "externnotify" program configuration option that is executed by the...