This host is installed with Fonality trixbox and is prone to multiple vulnerabilities.

Successful exploitation will allow attacker to execute arbitrary arbitrary code, manipulate SQL queries in the backend database, and disclose certain sensitive information. Impact Level: Application

No solution or patch is available as of 30th January, 2015. Information regarding this issue will be updated once the solution details are available. or updates refer to http://www.fonality.com/trixbox

Multiple flaws are due to improper validation of user supplied input passed via 'mac', 'lang', and 'id_nodo' parameters.

Fonality trixbox

Send a crafted exploit string via HTTP GET request and check whether it is possible to read cookie or not.

• http://downloads.securityfocus.com/vulnerabilities/exploits/68720.txt
• http://packetstormsecurity.com/files/127522

---

Updated on 2017-03-28