3 matches found
Command injection
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS...
CVE-2007-6424
registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS...
CVE-2007-6424
CVE-2007-6424 affects Fonality Trixbox 2.0 PBX; the registry.pl script reads commands from a remote site without proper origin validation, enabling a DNS spoofing vector that lets remote attackers disable Trixbox and execute arbitrary commands. Affected component: registry.pl; root cause: insuffi...