[nsp-sec] Trixbox vulnerability.

[Smith, Donald]

As the result of a report to the ISC handlers of trixbox being exploited
to host vishing calls, we have found a serious vulnerability (remote
password disclosure followed by remote control of the system) in the CE
version of trixbox. Does anyone have a security/cert contact there.
I don't want to use their forum as that is public:(

	

H8Hz
Donald.Smith at qwest.com gcia