I do love their logo.
Ward Mundy, of Nerd Vittles / PBX in a Flash fame, warns of a FreePBX Security Vulnerability allowing a system to be compromised simply by displaying a CDR report in the FreePBX browser.
There is a very serious security vulnerability that needs to be patched by loading the very latest version of FreePBX Framework as soon as it becomes available for your version of FreePBX. Just displaying a CDR report in the FreePBX browser could compromise your system.
The 2.5 and 2.6 patches already have been released and probably 2.7 as well. Load this patch IMMEDIATELY!!!
Setup, Module Admin, Check for Updates on Line, Upgrade All
2.5.2.3: #4223 Security Vulnerability
2.6.0.2: #3805, #3707, #4188, #4223 Security Vulnerability
For more information, check out the PBX in a Flash Forum.
[...] This post was mentioned on Twitter by pgoldberg. pgoldberg said: FreePBX Security Vulnerability: Ward Mundy, of Nerd Vittles / PBX in a Flash fame, warns of a FreePBX Security Vul… http://bit.ly/bFJalc [...]
Tweets that mention FreePBX Security Vulnerability: Ward Mundy, of Nerd Vittles / PBX in a Flash fame, warns of a FreePBX Security Vul... -- Topsy.com
23 Apr 10 at 2:32 pm
posted to VoIP Tech Chat: FreePBX Security Vulnerability. http://bit.ly/bFJalc
Fred Posner
23 Apr 10 at 7:48 pm