FreePBX | Register | Issues | Wiki | Portal | Support

Hack again from shell shock (recordings/index.php)


#1

I think there is exploitation Specifically in voicemail.module (sendmail shellshock)
I hope specialists examine Model


(Tony Lewis) #2

A big notice went out last week that the ARI has a vulnerability. You need to update. Critical FreePBX RCE Vulnerability (ALL Versions) CVE-2014-7235


(TheJames) #3

Yes someone released a SMTP attack for shelshock a couple days ago. They can email your system to gain access… Please update your bash. New attack vectors will probably be found weekly.