[Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)

Denis Smirnov ds at seiros.ru
Sun Aug 27 02:41:00 MST 2006

Previous message: [Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)
Next message: [Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Aug 27, 2006 at 12:14:50PM +0300, Tzafrir Cohen wrote:

 TC> Unless I misread the advisory.

See bug 7811.

app_record use filename as a format string. It's very, very bad idea.


-- 
JID: ds at im.seiros.ru
ICQ: 58417635 (please, use jabber, if you can)

http://freesource.info/

Previous message: [Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)
Next message: [Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Asterisk-Security mailing list