Indicates a possible attempt at exploiting one of a multiple of buffer overflow vulnerabilities in the IAXClient library. The library fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. An attacker can leverage this vulnerability and execute arbitrary code agains the system.
LoudHush LoudHush 1.3.6
Kiax Kiax 0.8.5
IaxComm IaxComm 1.0
IAXClient IAXClient 0
asterisKGuru IDEFISK Softphone
Execution of arbitrary code
The vendors have released updated versions of the affected software. Please see the reference section.
Upgrade to LoudHush LoudHush version 1.3.7.
Protect your network by using multiple layers of security.
Perform all non-administrative tasks as an unprivileged user with minimal access rights. This could help limit the impact of latent vulnerabilities in applications.
Run services with the least amount of privileges required.