[Freeswitch-users] faxploit

Steve Underwood coppice12 at gmail.com
Tue Aug 25 10:25:44 UTC 2020

On 24/08/2020 09:14, mayamatakeshi wrote:
> Hi,
> /
> /
> /Check Point researchers have discovered a vulnerability in the ITU 
> T.30 fax protocol that could be hacked to launch a cyberattack and 
> gain access to a network./
> https://www.healthcareitnews.com/news/fax-machines-can-be-hacked-breach-network-using-only-its-number
> The phrase above indicates a flaw in the T.30 protocol itself and not 
> in particular implementations.
> This is from 2018.
> I don't remember reading anything about this in the fs mailing list.
> Was freeswitch/spandsp audited to ensure application rxfax is safe?
> https://blog.checkpoint.com/2018/08/12/faxploit-hp-printer-fax-exploit/

What is described there does not appear to be a problem with the FAX 
protocol, even though the text says it is. They refer to problems 
handling DHT (define Huffman table) and COM (comment) sections when they 
are used incorrectly. Those are tags in JPEG images. It looks like that 
are talking about an issue with JPEG decoders that don't allow for 
certain types of corrupt image, and the exploit would be specific to 
particular models of FAX machine. The problem would be in the JPEG 
decoder itself. Spandsp calls the system's JPEG library to do that 
decoding. Any flaw that might exist would be in that system's JPEG library.



More information about the FreeSWITCH-users mailing list