Monday, June 12, 2006

CoreLabs Uncovers VoIP Security Vulnerabilities

CoreLabs, the research center of Core Security Technologies, published two advisories regarding vulnerabilities that could severely impact enterprise phone systems. By exploiting either of these buffer overflow vulnerabilities, an attacker could remotely execute code and take control of an organization's entire voice communications system. These vulnerabilities could also serve as entry points for attackers to compromise other critical network systems. Specifically, the vulnerabilities affect:

  • Asterisk PBX, the open source software for phone systems. The Asterisk-specific IAX2 protocol includes support for transmission of video between the IAX2 clients that implement this feature. A vulnerability found in the Asterisk's handling of IAX2 video frames could lead to the remote compromise of the system running the software PBX through execution of arbitrary code of the attacker's choosing with the privileges of the Asterisk daemon. The vulnerability affects Asterisk PBX software versions up to and including v1.2.8.

  • IAXclient, an open source library that implements the IAX2 VoIP protocol used by several VoIP software phones. Two vulnerabilities have been discovered in the library that may grant attackers remote execution of arbitrary code on systems using software packages that rely on the library to implement the IAX protocol support. Although these vulnerabilities were discovered and tested using in the IDE FISK software phone, other software packages that use the IAXclient library are also vulnerable.

The maintainers of the vulnerable software have updated their packages with fixed versions.

See also