First published: Wed Nov 16 2005(Updated: )
Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Digium Asterisk | =1.2.0_beta1 | |
Digium Asterisk | =0.7.1 | |
Digium Asterisk | =0.1.9 | |
Digium Asterisk | =0.2.0 | |
Digium Asterisk | =0.1.3 | |
Digium Asterisk | =0.3.0 | |
Digium Asterisk | =0.7.2 | |
Digium Asterisk | =0.5.0 | |
Digium Asterisk | =1.0.9 | |
Digium Asterisk | =1.0.2 | |
Digium Asterisk | =0.1.11 | |
Digium Asterisk | =1.0_rc2 | |
Digium Asterisk | =0.1.6 | |
Digium Asterisk | =1.0.1 | |
Digium Asterisk | =1.0.3 | |
Digium Asterisk | =1.0.5 | |
Digium Asterisk | =0.1.8 | |
Digium Asterisk | =0.1.12 | |
Digium Asterisk | =1.0.6 | |
Digium Asterisk | =0.1.0 | |
Digium Asterisk | =0.1.7 | |
Digium Asterisk | =1.0.4 | |
Digium Asterisk | =1.0.8 | |
Digium Asterisk | =0.1.1 | |
Digium Asterisk | =0.1.2 | |
Digium Asterisk | =0.1.4 | |
Digium Asterisk | =1.0.0 | |
Digium Asterisk | =1.0.7 | |
Digium Asterisk | =0.7.0 | |
Digium Asterisk | =0.1.5 | |
Digium Asterisk | =0.4.0 | |
Digium Asterisk | =0.1.10 | |
Digium Asterisk | =1.0_rc1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.