[Asterisk-Security] Multiple Vulnerabilities in Asterisk 1.2.10
(Fixed in 1.2.11)
Denis Smirnov
ds at seiros.ru
Sun Aug 27 07:35:11 MST 2006
On Sun, Aug 27, 2006 at 09:04:45AM -0500, Kevin P. Fleming wrote:
>> But at the same time asterisk could use a built in sanity checker to
>> escape various characters etc... ie protecting people from
>> themselves...
KPF> And anyone who wants to provide one is welcome to do so. The lack of one being available is not a vulnerability, though, since the administrator can easily avoid the issue.
See to #7811, I _provide_ patch.
--
JID: ds at im.seiros.ru
ICQ: 58417635 (please, use jabber, if you can)
http://freesource.info/
More information about the Asterisk-Security
mailing list