[Freeswitch-users] faxploit
Steve Underwood
coppice12 at gmail.com
Tue Aug 25 10:25:44 UTC 2020
On 24/08/2020 09:14, mayamatakeshi wrote:
> Hi,
> /
> /
> /Check Point researchers have discovered a vulnerability in the ITU
> T.30 fax protocol that could be hacked to launch a cyberattack and
> gain access to a network./
>
> https://www.healthcareitnews.com/news/fax-machines-can-be-hacked-breach-network-using-only-its-number
>
> The phrase above indicates a flaw in the T.30 protocol itself and not
> in particular implementations.
> This is from 2018.
> I don't remember reading anything about this in the fs mailing list.
>
> Was freeswitch/spandsp audited to ensure application rxfax is safe?
>
> https://blog.checkpoint.com/2018/08/12/faxploit-hp-printer-fax-exploit/
>
What is described there does not appear to be a problem with the FAX
protocol, even though the text says it is. They refer to problems
handling DHT (define Huffman table) and COM (comment) sections when they
are used incorrectly. Those are tags in JPEG images. It looks like that
are talking about an issue with JPEG decoders that don't allow for
certain types of corrupt image, and the exploit would be specific to
particular models of FAX machine. The problem would be in the JPEG
decoder itself. Spandsp calls the system's JPEG library to do that
decoding. Any flaw that might exist would be in that system's JPEG library.
Regards,
Steve
More information about the FreeSWITCH-users
mailing list