|
Family: Gain root remotely --> Category: denial
IAXClient Truncated Frames Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Tries to crash IAXClient application
Detailed Explanation for this Vulnerability Test
Synopsis :
There remote softphone is prone to multiple buffer overflow attacks.
Description :
The remote host appears to be using a VoIP software phone application
that is affected by multiple buffer overflows. With specially-crafted
UDP packets, an unauthenticated remote attacker may be able to
leverage these issues to crash the affected application or to execute
arbitrary code on the remote host subject to the rights of the
user running it.
See also :
http://www.coresecurity.com/common/showdoc.php?idx=548&idxseccion=10
http://www.securityfocus.com/archive/1/436638/30/0/threaded
Solution :
Obtain to a version of the client application built using a version of
IAXClient from June 6 2006 or later.
Threat Level:
Medium / CVSS Base Score : 4.7
(AV:R/AC:L/Au:NR/C:P/I:P/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|