Intrusion Prevention



Indicates a possible attempt at exploiting one of a multiple of buffer overflow vulnerabilities in the IAXClient library. The library fails to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers. An attacker can leverage this vulnerability and execute arbitrary code agains the system.

Affected Products

LoudHush LoudHush 1.3.6
Kiax Kiax 0.8.5
IaxComm IaxComm 1.0
IAXClient IAXClient 0
Gentoo Linux
asterisKGuru IDEFISK Softphone


System compromise
Execution of arbitrary code

Recommended Actions

The vendors have released updated versions of the affected software. Please see the reference section.
Upgrade to LoudHush LoudHush version 1.3.7.
Protect your network by using multiple layers of security.
Perform all non-administrative tasks as an unprivileged user with minimal access rights. This could help limit the impact of latent vulnerabilities in applications.
Run services with the least amount of privileges required.

CVE References


Other References