[Asterisk-Users] Asterisk Manager Interface Remote Buffer Overflow Vulnerability

trixter http://www.0xdecafbad.com Wed, 22 Jun 2005 16:31:58 -0700

http://www.frsirt.com/english/advisories/2005/0851


A vulnerability was identified in Asterisk, which may be exploited by
authenticated attackers to execute arbitrary commands. This flaw is due
to a buffer overflow error in the manager interface that does not
properly handle specially crafted commands, which could be exploited by
an authenticated attacker to obtain root privileges. Note : the manager
interface is not enabled by default.


-- 
Trixter http://www.0xdecafbad.com     Bret McDanel
UK +44 870 340 4605   Germany +49 801 777 555 3402
US +1 360 207 0479 or +1 516 687 5200
FreeWorldDialup: 635378

signature.asc
Description: This is a digitally signed message part

_______________________________________________
Asterisk-Users mailing list
[email protected]
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[Asterisk-Users] Asterisk Manager Interface Remote Buffer Overflow Vulnerability

Reply via email to