CVE-2006-2923

Sažetak

The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before 1.2.0, allows remote attackers to execute arbitrary code via crafted IAX 2 (IAX2) packets with truncated (1) full frames or (2) mini-frames, which are detected in a length check but still processed, leading to buffer overflows related to negative length values.

Reference

http://iaxclient.sourceforge.net/iaxcomm/
http://secunia.com/advisories/20466
http://secunia.com/advisories/20560
http://secunia.com/advisories/20567
http://secunia.com/advisories/20623
http://secunia.com/advisories/20900
http://sourceforge.net/project/shownotes.php?release_id=423099&group_id=131960
http://www.coresecurity.com/common/showdoc.php?idx=548&idxseccion=10
http://www.gentoo.org/security/en/glsa/glsa-200606-30.xml
http://www.loudhush.ro/changelog.txt
http://www.securityfocus.com/archive/1/436638/100/0/threaded
http://www.securityfocus.com/bid/18307
http://www.vupen.com/english/advisories/2006/2180
http://www.vupen.com/english/advisories/2006/2284
http://www.vupen.com/english/advisories/2006/2285
http://www.vupen.com/english/advisories/2006/2286
https://exchange.xforce.ibmcloud.com/vulnerabilities/27047

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

18-10-2018 - 16:43

Objavljeno

09-06-2006 - 10:02