SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Asterisk | Digium | 0.1.7 (including) | 0.1.7 (including) |
Asterisk | Digium | 0.1.8 (including) | 0.1.8 (including) |
Asterisk | Digium | 0.1.9 (including) | 0.1.9 (including) |
Asterisk | Digium | 0.1.9.1 (including) | 0.1.9.1 (including) |
Asterisk | Digium | 0.2 (including) | 0.2 (including) |
Asterisk | Digium | 0.3 (including) | 0.3 (including) |
Asterisk | Digium | 0.4 (including) | 0.4 (including) |