On Thursday 23 June 2005 10:38, Moritz Muehlenhoff wrote:
> | If the command string is specifically crafted, is it possible to use
> | this stack overflow to execute arbitrary code on the Asterisk system.
> | The resulting execution is (typically) run with root privileges.
Upstream the asterisk pa
Package: asterisk
Severity: grave
Tags: security
Justification: user security hole
An exploitable security problem has been found in Asterisk by Wade
Alcorn:
| There is a programming error in the function that parses commands in the
| Asterisk system. This is used by the manager interface if the
2 matches
Mail list logo
