# Exploit Title: Simple Webserver 2.3-rc1 Directory Traversal
# Date: 01/02/2013
# Exploit Author: CwG GeNiuS
# Vendor Homepage: http://www.pmx.it
# Software Link: http://www.pmx.it/download/sws-2.3-rc1-i686.exe
# Version: 2.3-rc1 (and earlier)
# Tested on: Windows 7 Enterprise SP1
#
#Vulnerability
Aastra IP telephone encrypted .tuz configuration file leakage
-
Affected products
=
Aastra 6753i IP Telephone
Firmware Version 3.2.2.56
Firmware Release Code SIP
Boot Version 2.5.2.1010
Background
==
Asterisk Project Security Advisory - AST-2012-015
ProductAsterisk
SummaryDenial of Service Through Exploitation of Device
State Caching
Asterisk Project Security Advisory - AST-2012-014
ProductAsterisk
SummaryCrashes due to large stack allocations when using
TCP