PT-2007-7276 · Fonality · Fonality Trixbox

Published: 2007-12-18 · Updated: 2024-02-14 · CVE-2007-6424

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Fonality Trixbox version 2.0

Description

The issue allows remote attackers to execute arbitrary commands via a DNS spoofing attack, as the registry.pl script reads and executes commands from a remote web site without proper validation. This can lead to the disabling of trixbox.

Recommendations

For Fonality Trixbox version 2.0, consider restricting access to the registry.pl script until a proper fix is available, and ensure that the environment in which it is running is secure to minimize the risk of DNS spoofing attacks.

Related Identifiers

CVE-2007-6424

Affected Products

Fonality Trixbox