capi4hylafax -- missing input sanitising

2006-09-01T00:00:00
ID DSA-1165
Type debian
Reporter Debian
Modified 2006-09-01T00:00:00

Description

Lionel Elie Mamane discovered a security vulnerability in capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows remote attackers to execute arbitrary commands on the fax receiving system.

For the stable distribution (sarge) this problem has been fixed in version 01.02.03-10sarge2.

For the unstable distribution (sid) this problem has been fixed in version 01.03.00.99.svn.300-3.

We recommend that you upgrade your capi4hylafax package.