PublicDate: 2007-10-17 23:17:00 UTC
Candidate: CVE-2007-5488
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5488
Description:
 Multiple SQL injection vulnerabilities in cdr_addon_mysql in
 Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote
 attackers to execute arbitrary SQL commands via the (1) source and (2)
 destination numbers, and probably (3) SIP URI, when inserting a record.
Ubuntu-Description:
Notes:
 jdstrand> exists in Debian, so keep track of it
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS: 
upstream_asterisk-addons: released (1.4.4)
dapper_asterisk-addons: DNE
edgy_asterisk-addons: DNE
feisty_asterisk-addons: DNE
gutsy_asterisk-addons: DNE
devel_asterisk-addons: not-affected