The report is based off of reporting from Feb - July of 2018! Over a year and a half ago. I mean come on, look at the first article. What versions of FreePBX where these monitored systems running? Were they current boxes? Were they v13 or v14? The former uses PHP 5.3 while the latter uses PHP 5.6. Right now FreePBX v13 and v14 are the “current” releases for FreePBX. What attack vectors are being used? Is it a buffer overflow? Is it a SQL injection? What?!Īgain, ZERO information provided. These articles fail to relate how this is being done. ![]() So that would mean there are numerous Asterisk installs out in the world that would never be impacted by this, at all.Ĭonversely, FreePBX (which uses Asterisk) is GUI based and therefore uses Apache and PHP which would mean 100% of FreePBX boxes could be impacted by this. ![]() That means it doesn’t require or need Apache (or any web server) or PHP.
0 Comments
Leave a Reply. |