Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 6.4
CVE Id CVE-2006-2923
Last Modified 28 Mar 2011 12:00:00
Published 09 Jun 2006 06:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2923

Summary

The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before 1.2.0, allows remote attackers to execute arbitrary code via crafted IAX 2 (IAX2) packets with truncated (1) full frames or (2) mini-frames, which are detected in a length check but still processed, leading to buffer overflows related to negative length values.

Vulnerable Systems

Application

  • Loudhush 1.3.6


References

BID - 18307

SECUNIA - 20466

XF - iaxclient-truncated-frame-bo(27047)

VUPEN - ADV-2006-2286

VUPEN - ADV-2006-2285

VUPEN - ADV-2006-2284

VUPEN - ADV-2006-2180

BUGTRAQ - 20060609 CORE-2006-0327: IAXclient truncated frames vulnerabilities

CONFIRM - http://www.loudhush.ro/changelog.txt

GENTOO - GLSA-200606-30

MISC - http://www.coresecurity.com/common/showdoc.php?idx=548&idxseccion=10

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=423099&group_id=131960

SECUNIA - 20900

SECUNIA - 20623

SECUNIA - 20567

SECUNIA - 20560

CONFIRM - http://iaxclient.sourceforge.net/iaxcomm/


Last Updated: 27 May 2016 10:42:48