CVE-2006-6244

Опубликовано: 04 дек. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).

Ссылки

http://secunia.com/advisories/23124
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129
Patch
http://www.freepbx.org/trac/changeset/2076
http://www.securityfocus.com/bid/21359
Patch
http://www.vupen.com/english/advisories/2006/3019
http://secunia.com/advisories/23124
Patch
Vendor Advisory
http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129
Patch
http://www.freepbx.org/trac/changeset/2076
http://www.securityfocus.com/bid/21359
Patch
http://www.vupen.com/english/advisories/2006/3019

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:coalescent_systems:freepbx:*:*:*:*:*:*:*:*

Версия до 2.1.3 (включая)

EPSS

Процентиль: 72%

0.00739

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-283x-5p3j-2ppc

github

больше 3 лет назад