Update for Ingate Firewall and SIParator
Vendor Ingate has released firmware version 4.6.0 of its firewall and the SIParator SIP gateway to resolve several vulnerabilities in previous versions. Among the security-related bugs is a buffer overflow in the libsrtp library used for VoIP, about which the vendor has not released any details. Kernel panics can be triggered by specially crafted SRTP packets containing an oversized RTCP index, as well as by IKE packets without PFS in the second phase of IPsec connection setup.
In addition, a NAT traversal implementation flaw may cause the SIP component to send messages to the wrong user. Some passwords may have been stored in plain text and certain ICMP packets were able to sneak past the firewall undetected. The developers have also fixed numerous other flaws and introduced several improvements. The vendor recommends that everybody update soon.
- Release notice for Ingate Firewall® 4.6.0 and Ingate SIParator® 4.6.0, Ingate release notice