[Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10
(Fixed in 1.2.11)
Kevin P. Fleming
kpfleming at digium.com
Sun Aug 27 06:56:11 MST 2006
----- Denis Smirnov <ds at seiros.ru> wrote:
> On Sun, Aug 27, 2006 at 12:14:50PM +0300, Tzafrir Cohen wrote:
>
> TC> Unless I misread the advisory.
>
> See bug 7811.
>
> app_record uses the filename as a format string. It's a very, very bad idea.
No, it is not. The input to app_record comes from the _administrator_, not from a user. The administrator has complete and total control over what is fed to app_record, and if they do something silly like allow untrusted data from a user to be part of that input, then they can expect to be vulnerable.
--
Kevin P. Fleming
Senior Software Engineer
Digium, Inc.
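
The trust-boundary point debated in this thread, as an added example (not Asterisk code and not written by anyone in the thread): a filename template is expanded without ever being passed to a printf-family function as the format argument, so any caller-supplied text that ends up in it stays inert. It assumes `%d` in the template is the counter placeholder; the name `expand_record_template` is hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not Asterisk code): expand the first "%d" in a
 * recording filename template with a counter. The template is treated as
 * data only; every other '%' sequence ("%n", "%s", "%x") is copied
 * literally. Returns 0 on success, -1 if the result does not fit. */
int expand_record_template(char *out, size_t outlen, const char *tmpl, int count)
{
    size_t used = 0;
    int substituted = 0;

    if (outlen == 0)
        return -1;
    for (const char *p = tmpl; *p; p++) {
        if (!substituted && p[0] == '%' && p[1] == 'd') {
            /* Constant format string; only the counter is formatted. */
            int n = snprintf(out + used, outlen - used, "%d", count);
            if (n < 0 || (size_t)n >= outlen - used)
                return -1;          /* would truncate: refuse */
            used += (size_t)n;
            substituted = 1;
            p++;                    /* skip the 'd' */
            continue;
        }
        if (used + 1 >= outlen)     /* keep room for the terminator */
            return -1;
        out[used++] = *p;
    }
    out[used] = '\0';
    return 0;
}

int main(void)
{
    char buf[64];
    /* Constructed sample templates; the second mimics caller-supplied text. */
    const char *samples[] = { "msg%d", "msg-%x%x%n-%d", "100%" };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        if (expand_record_template(buf, sizeof(buf), samples[i], 7) == 0)
            printf("%s -> %s\n", samples[i], buf);
    }
    return 0;
}
```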