Vulnerabilities > CVE-2005-2081 - Unspecified vulnerability in Digium Asterisk 1.0.7

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

digium

NVD

Published: 2005-07-05

Updated: 2017-07-11

Summary

Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.

Vulnerable Configurations

Part	Description	Count
Application	Digium Digium Asterisk 1.0.7	1

References

http://marc.info/?l=bugtraq&m=111946399501080&w=2
http://www.portcullis-security.com/advisory/advisory-05-013.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/21115