search for: confbridgestartrecord

...Description The CONFBRIDGE dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation. Also, the AMI action "ConfbridgeStartRecord" could also be used to execute arbitrary system commands without first checking for system access. Resolution Asterisk now inhibits the CONFBRIDGE function from being e...

...Description The CONFBRIDGE dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation. Also, the AMI action "ConfbridgeStartRecord" could also be used to execute arbitrary system commands without first checking for system access. Resolution Asterisk now inhibits the CONFBRIDGE function from being e...

...o further media will arrive and the channel will stay within ConfBridge indefinitely. In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves the following security vulnerability: * AST-2014-017: Permission Escalation via ConfBridge dialplan function and AMI ConfbridgeStartRecord Action The CONFBRIDGE dialplan function when executed from an external protocol (such as AMI) can result in a privilege escalation as certain options within that function can affect the underlying system. Additionally, the AMI ConfbridgeStartRecord action has options that would allow modif...

...o further media will arrive and the channel will stay within ConfBridge indefinitely. In addition, the release of 11.6-cert8, 11.14.1, 12.7.1, and 13.0.1 resolves the following security vulnerability: * AST-2014-017: Permission Escalation via ConfBridge dialplan function and AMI ConfbridgeStartRecord Action The CONFBRIDGE dialplan function when executed from an external protocol (such as AMI) can result in a privilege escalation as certain options within that function can affect the underlying system. Additionally, the AMI ConfbridgeStartRecord action has options that would allow modif...