Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain root remotely --> Category: denial

IAXClient Truncated Frames Buffer Overflow Vulnerabilities Vulnerability Scan


Vulnerability Scan Summary
Tries to crash IAXClient application

Detailed Explanation for this Vulnerability Test

Synopsis :

There remote softphone is prone to multiple buffer overflow attacks.

Description :

The remote host appears to be using a VoIP software phone application
that is affected by multiple buffer overflows. With specially-crafted
UDP packets, an unauthenticated remote attacker may be able to
leverage these issues to crash the affected application or to execute
arbitrary code on the remote host subject to the rights of the
user running it.

See also :

http://www.coresecurity.com/common/showdoc.php?idx=548&idxseccion=10
http://www.securityfocus.com/archive/1/436638/30/0/threaded

Solution :

Obtain to a version of the client application built using a version of
IAXClient from June 6 2006 or later.

Threat Level:

Medium / CVSS Base Score : 4.7
(AV:R/AC:L/Au:NR/C:P/I:P/A:N/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.