Avirt Voice/Soho Long Input Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID:
SA10960
VERIFY ADVISORY:
http://secunia.com/advisories/10960/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Avirt Voice 4.x
Avirt Soho 4.x
DESCRIPTION:
Donato Ferrante has reported some vulnerabilities in Avirt Voice and Avirt Soho, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to boundary errors in some of the services. These can be exploited to cause buffer overflows by sending overly long strings to the services.
The vulnerabilities have been reported in Avirt Voice 4.0 and Avirt Soho 4.3.
SOLUTION:
- The vulnerabilities will reportedly be fixed in the next releases.
- Use other products.
PROVIDED AND/OR DISCOVERED BY:
Donato Ferrante
For further details and links please click here to see the actual Secunia Advisory: http://secunia.com/advisories/10960/