APP: IAXclient Truncated Frames
This signature detects attempts to exploit a known vulnerability in the IAX Client. A successful attack can lead to an integer overflow and arbitrary remote code execution within the context of the application.
Extended Description
The IAXClient library is prone to multiple remote buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. These issues allow remote attackers to execute arbitrary machine code in the context of applications that use the affected library to process IAX network datagrams. The following packages are known to use a vulnerable version of the library: - IDE FISK, versions 1.35 and prior - IaxComm, versions prior to 1.2.0 - KIAX, versions 0.8.5 and prior - LoudHush, versions 1.3.6 and prior Other packages may also use the affected library.
Affected Products
Loudhush loudhush
References
BugTraq: 18307
CVE: CVE-2006-2923
URL: http://www.loudhush.ro/changelog.txt http://www.coresecurity.com/common/showdoc.php?idx=548&idxseccion=10
Short Name
VOIP:IAX-INT-OF
Severity
Minor
Recommended
False
Recommended Action
None
Category
VOIP
Keywords
CVE-2006-2923 Frames IAXclient Truncated bid:18307
Release Date
06/21/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
UDP/4569
False Positive
Unknown
Vendors
Iaxclient
Loudhush
Gentoo
Iaxcomm
Asteriskguru
Kiax
CVSS Score
6.4