Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the βwrite = commandβ option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.