These vulnerabilities could also serve as entry points for attackers to compromise other critical network systems. Specifically, the vulnerabilities affect:

-- Asterisk PBX (Private Branch Exchange), widely-used open source software for phone systems that supports an extensive range of VoIP equipment, protocols and features including voicemail, interactive voice response, call queuing, three-way calling, caller ID services and more.

-- IAXclient, an open source library that implements the IAX2 VoIP protocol used by several VoIP software phones. Core Security discovered two vulnerabilities that affect VoIP software phones which implement the IAX2 protocol using the IAXclient library.

"These vulnerabilities exemplify the need to address and act upon IP telephony and VoIP security threats in a serious, proactive and systematic manner," said Ivan Arce, CTO at Core Security Technologies. "It's a testament to the dedication and responsiveness of the developers involved with both of these widely used open source software products that security fixes were made available so quickly to their users."

Vulnerability Specifics:

Asterisk PBX truncated video frame vulnerability--The Asterisk-specific IAX2 protocol includes support for transmission of video between the IAX2 clients that implement this feature. A vulnerability found in the Asterisk's handling of IAX2 video frames could lead to the remote compromise of the system running the software PBX through execution of arbitrary code of the attacker's choosing with the privileges of the Asterisk daemon. The vulnerability affects Asterisk PBX software versions up to and including v1.2.8.

IAXclient truncated frames vulnerabilities--IAXclient is an open source library that implements the IAX2 VoIP protocol used by the Asterisk IP PBX and several VoIP software phones. Two vulnerabilities have been discovered in the library that may grant attackers remote execution of arbitrary code on systems using software packages that rely on the library to implement the IAX protocol support. Although these vulnerabilities were discovered and tested using in the IDE FISK software phone, other software packages that use the IAXclient library are also vulnerable.

The maintainers of the vulnerable software have updated their packages with fixed versions For more information on both vulnerabilities, the systems they affect and their corresponding security fixes please visit:

http://www.coresecurity.com/common/showdoc.php?idx=547&idxseccion=10

and

http://www.coresecurity.com/common/showdoc.php?idx=548&idxseccion=10 

About CoreLabs

CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. Research is conducted in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Results from these efforts include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies.