Vulnerabilities > CVE-2003-0779 - Unspecified vulnerability in Digium Asterisk

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

digium

NVD

Published: 2003-09-22

Updated: 2008-09-10

Summary

SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.

Vulnerable Configurations

Part	Description	Count
Application	Digium Digium Asterisk 0.4 Digium Asterisk 0.1.9 Digium Asterisk 0.2 Digium Asterisk 0.1.9.1 Digium Asterisk 0.1.8 Digium Asterisk 0.1.7 Digium Asterisk 0.3	7

References

http://www.atstake.com/research/advisories/2003/a091103-1.txt