SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Asterisk | Digium | 0.1.7 | 0.1.7 |
Asterisk | Digium | 0.1.8 | 0.1.8 |
Asterisk | Digium | 0.1.9 | 0.1.9 |
Asterisk | Digium | 0.1.9.1 | 0.1.9.1 |
Asterisk | Digium | 0.2 | 0.2 |
Asterisk | Digium | 0.3 | 0.3 |
Asterisk | Digium | 0.4 | 0.4 |