FreePBX Unspecified Input Validation Vulnerability

Bugtraq ID:	21359
Class:	Input Validation Error
CVE:
Remote:	No
Local:	No
Published:	Nov 30 2006 12:00AM
Updated:	Nov 30 2006 07:39PM
Credit:	The vendor reported this issue.
Vulnerable:	freePBX freePBX 2.1.3
Not Vulnerable:	freePBX freePBX 2.2 rc1

FreePBX Unspecified Input Validation Vulnerability

FreePBX is prone to an unspecified input-validation vulnerability.

Few details regarding this vulnerability are available. Reportedly, an input-validation error occurs in 'CALLERID(name)' and 'CALLERID(num)'.

This issue reportedly affects versions prior to 2.2.0rc1.

FreePBX Unspecified Input Validation Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].

FreePBX Unspecified Input Validation Vulnerability

Solution:
The vendor has released a fix that addresses this issue; please see the reference section for more information.

FreePBX Unspecified Input Validation Vulnerability

References:

• FreePBX Homepage (FreePBX)
  
• Release Name: freePBX2.2.0rc1 (freePBX)