ActiveFax RAW Server Multiple Buffer Overflow Vulnerabilities Network Vulnerability

Summary

The host is running ActiveFax RAW Server and is prone to multiple buffer overflow vulnerabilities.

Impact

Successful exploitation will allow remote attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to ActiveFax 5.01 beta or later, For updates refer to http://www.actfax.com/download/beta/actfax_setup_en.exe

Insight

The flaws due to some boundary errors within the RAW server when processing the '@F000', '@F506', and '@F605' data fields can be exploited to cause stack-based buffer overflows by sending a specially crafted command to the server.

Affected

ActiveFax Version 5.01 build 0232 and prior

References

http://packetstormsecurity.com/files/120109
http://secunia.com/advisories/52096
http://www.exploit-db.com/exploits/24467
http://www.pwnag3.com/2013/02/actfax-raw-server-exploit.html
http://www.securelist.com/en/advisories/52096

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
Beatport Player '.m3u' File Buffer Overflow Vulnerability
Adobe PageMaker Font Structure Multiple BOF Vulnerabilities
Adobe Shockwave Player ActiveX Control BOF Vulnerability
BigAntSoft BigAnt IM Message Server Multiple Vulnerabilities

Take action and discover your vulnerabilities