Summary
This host is running FreePBX and is prone to multiple cross site scripting and remote command execution vulnerabilities.
Impact
Successful exploitation may allow remote attackers to steal cookie-based authentication credentials or execute arbitrary commands within the context of the affected application.
Impact Level: System/Application
Solution
Apply the patch from below link,
http://www.freepbx.org/trac/ticket/5711
Insight
Multiple flaws are caused by an,
- Improper validation of user-supplied input by multiple scripts, which allows attacker to execute arbitrary HTML and script code on the user's browser session in the security context of an affected site.
- Input passed to the 'callmenum' parameter in recordings/misc/callme_page.php (when 'action' is set to 'c') is not properly verified before being used.
This can be exploited to inject and execute arbitrary shell commands.
Affected
FreePBX versions 2.9.0 and 2.10.0
References
- http://packetstormsecurity.org/files/111130/freepbx2100-exec.txt
- http://secunia.com/advisories/48463
- http://secunia.com/advisories/48475
- http://www.exploit-db.com/exploits/18649
- http://www.freepbx.org/trac/ticket/5711
- http://www.freepbx.org/trac/ticket/5713
- http://xforce.iss.net/xforce/xfdb/74173
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-4869, CVE-2012-4870 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AlienVault OSSIM Multiple Remote Code Execution Vulnerabilities
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
- ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
- ASP Inline Corporate Calendar SQL injection