CVE-2005-3559
Asterisk 1.0.9-1.2.0-beta1 - Directory Traversal via vmail.cgi Folder Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-3559. PoCs published by Adam Pointon.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in Asterisk's voicemail CGI script, allowing unauthorized access to voicemail and .wav files. The provided URL demonstrates the attack vector by manipulating the 'folder' parameter.
Description
Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter.
Exploits (1)
The exploit describes a directory traversal vulnerability in Asterisk's voicemail CGI script, allowing unauthorized access to voicemail and .wav files. The provided URL demonstrates the attack vector by manipulating the 'folder' parameter.