3 matches found
Gentoo Security Advisory GLSA 200610-15 (asterisk)
The remote host is missing updates announced in advisory GLSA 200610-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2006-4346
Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...
CVE-2006-4346
CVE-2006-4346 affects Asterisk 1.2.10; the Record() function uses client-controlled variables to determine filenames, enabling remote attackers to (1) execute code via format string specifiers and (2) overwrite files through directory traversals (CALLERIDNAME demonstrated). Public sources describ...