aboutsummaryrefslogtreecommitdiffstats
path: root/build_tools
diff options
context:
space:
mode:
authormmichelson <mmichelson@f38db490-d61c-443f-a65b-d21fe96a405b>2008-03-13 20:59:00 +0000
committermmichelson <mmichelson@f38db490-d61c-443f-a65b-d21fe96a405b>2008-03-13 20:59:00 +0000
commit721d85cdd016441826c7bbe85a21c3d89499d62b (patch)
tree60257f7a19cff5ab37a1a484250e67d097223f23 /build_tools
parent940afa00020870a287043f12b85331a36fda2386 (diff)
Fixing a potential buffer overflow in the manager command ModuleCheck.
Though this overflow is exploitable remotely, we are NOT issuing a security advisory for this since in order to exploit the overflow, the attacker would have to establish an authenticated manager session AND have the system privilege. By gaining this privilege, the attacker already has more powerful weapons at his disposal than overflowing a buffer with a malformed manager header, so the vulnerability in this case really lies with the authentication method that allowed the attacker to gain the system privilege in the first place. git-svn-id: http://svn.digium.com/svn/asterisk/trunk@108529 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'build_tools')
0 files changed, 0 insertions, 0 deletions