Vulnerability Details CVE-2006-6244
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/23124
- http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129
- http://www.freepbx.org/trac/changeset/2076
- http://www.securityfocus.com/bid/21359
- http://www.vupen.com/english/advisories/2006/3019
- http://secunia.com/advisories/23124
- http://sourceforge.net/project/shownotes.php?group_id=121515&release_id=467129
- http://www.freepbx.org/trac/changeset/2076
- http://www.securityfocus.com/bid/21359
- http://www.vupen.com/english/advisories/2006/3019
Products affected by CVE-2006-6244
-
cpe:2.3:a:coalescent_systems:freepbx:*