Lucene search

[email protected]CVE-2005-3538

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-3538

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-3538

hylafax

security vulnerability

remote code execution

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.5%

JSON

hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges.

CPENameOperatorVersion
ifax_solutions:hylafaxifax solutions hylafaxeq4.2.3

CPE	Name	Operator	Version
ifax_solutions:hylafax	ifax solutions hylafax	eq	4.2.3

References

bugs.hylafax.org/bugzilla/show_bug.cgi?id=719

secunia.com/advisories/18314

secunia.com/advisories/18337

secunia.com/advisories/18489

www.gentoo.org/security/en/glsa/glsa-200601-03.xml

www.hylafax.org/archive/2005-12/msg00119.php

www.hylafax.org/content/HylaFAX_4.2.4_release

www.mandriva.com/security/advisories?name=MDKSA-2006:015

www.securityfocus.com/archive/1/420974/100/0/threaded

www.securityfocus.com/bid/16150

www.vupen.com/english/advisories/2006/0072

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.028 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2005-3538

ubuntucve1 debiancve1 nessus3 securityvulns2 openvas2 gentoo1