Lucene search

[email protected]CVE-2001-0387

HistoryJul 02, 2001 - 4:00 a.m.

CVE-2001-0387

2001-07-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

hylafax

cve-2001-0387

hfaxd

format string vulnerability

privileges

local users

nvd

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.8%

JSON

Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument.

CPENameOperatorVersion
hylafax:hylafaxhylafaxeq4.1_beta1
hylafax:hylafaxhylafaxeq4.0_pl2
hylafax:hylafaxhylafaxeq4.0_pl0
hylafax:hylafaxhylafaxeq4.0_pl1
hylafax:hylafaxhylafaxeq4.1_beta2
hylafax:hylafaxhylafaxeq4.1_beta3

CPE	Name	Operator	Version
hylafax:hylafax	hylafax	eq	4.1_beta1
hylafax:hylafax	hylafax	eq	4.0_pl2
hylafax:hylafax	hylafax	eq	4.0_pl0
hylafax:hylafax	hylafax	eq	4.0_pl1
hylafax:hylafax	hylafax	eq	4.1_beta2
hylafax:hylafax	hylafax	eq	4.1_beta3

References

archives.neohapsis.com/archives/bugtraq/2001-04/0236.html

archives.neohapsis.com/archives/freebsd/2001-04/0606.html

lists.suse.com/archives/suse-security-announce/2001-Apr/0005.html

www.linux-mandrake.com/en/security/2001/MDKSA-2001-041.php3

www.osvdb.org/5679

www.securityfocus.com/archive/1/175963

www.securityfocus.com/bid/2574

exchange.xforce.ibmcloud.com/vulnerabilities/6377

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.8%

JSON

Related for CVE-2001-0387

nessus2 suse1