Iaxclient.Truncated.IAX.Frames.Overflow

description-logoDescription

Indicates a possible attempt at exploiting one of a multiple of buffer overflow vulnerabilities in the IAXClient library. The library fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. An attacker can leverage this vulnerability and execute arbitrary code agains the system.

affected-products-logoAffected Products

LoudHush LoudHush 1.3.6
Kiax Kiax 0.8.5
IaxComm IaxComm 1.0
IAXClient IAXClient 0
Gentoo Linux
asterisKGuru IDEFISK Softphone

Impact logoImpact

System compromise
Execution of arbitrary code

recomended-action-logoRecommended Actions

The vendors have released updated versions of the affected software. Please see the reference section.
Upgrade to LoudHush LoudHush version 1.3.7.
Protect your network by using multiple layers of security.
Perform all non-administrative tasks as an unprivileged user with minimal access rights. This could help limit the impact of latent vulnerabilities in applications.
Run services with the least amount of privileges required.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-11 16.978

References

1