[asterisk-dev] Dialplan oddities with recent Asterisk ?

[Leif Madsen]

Klaus Darilion wrote:
> The vulnerability is not just the Dial application. Every dialplan 
> action which uses ${EXTEN} can be in danger!
> 
> Of course it also depends on your PSTN connectivity if such patterns may 
> arive at your Asterisk server. Maybe calls arive via DUNDI? ....

Well, a call doesn't arrive via DUNDi, it still arrives by the same methods as 
usual. DUNDi is just the lookup portion of the call to determine where Dial() 
places a call.

Perhaps you meant "request" and not "call"?

Leif.