Details

    • Target Release:
    • ToDo:

      Description

      config.php has a remote command execution vulnerability which is available without proper authentication. (CVE-2014-1903)

        Issue Links

          Activity

          Show
          Andrew Nagy added a comment - http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice
          Hide
          infinity005 added a comment -

          whats the CVE ID for this?

          Show
          infinity005 added a comment - whats the CVE ID for this?
          Hide
          Andrew Nagy added a comment -

          We are not disclosing that at this time. When we decide to post the ID we will post that to this ticket.

          Sent from my iPhone

          Show
          Andrew Nagy added a comment - We are not disclosing that at this time. When we decide to post the ID we will post that to this ticket. Sent from my iPhone
          Hide
          Andrew Nagy added a comment -

          CVE-2014-1903

          Show
          Andrew Nagy added a comment - CVE-2014-1903

            People

            • Assignee:
              Bryan Walters
              Reporter:
              phylocko
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development