Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-15397HistoryJun 30, 2020 - 12:15 p.m.
CVE-2020-15397
2020-06-3012:15:00
Debian Security Bug Tracker
security-tracker.debian.org
11
0.001 Low
EPSS
Percentile
44.8%
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | hylafax | < 3:6.0.7-5 | hylafax_3:6.0.7-5_all.deb |
| Debian | 11 | all | hylafax | < 3:6.0.7-3.1 | hylafax_3:6.0.7-3.1_all.deb |
| Debian | 10 | all | hylafax | < 3:6.0.6-8.1 | hylafax_3:6.0.6-8.1_all.deb |
| Debian | 999 | all | hylafax | < 3:6.0.7-9 | hylafax_3:6.0.7-9_all.deb |
| Debian | 13 | all | hylafax | < 3:6.0.7-9 | hylafax_3:6.0.7-9_all.deb |
Related
veracode
veracode
Arbitrary Code Execution
2020-08-06 21:34:07
cvelist
cvelist
CVE-2020-15397
2020-06-30 11:17:37
prion
prion
Design/Logic Flaw
2020-06-30 12:15:00
cve
cve
CVE-2020-15397
2020-06-30 12:15:00
ubuntucve
ubuntucve
CVE-2020-15397
2020-06-30 00:00:00
osv
osv
CVE-2020-15397
2020-06-30 12:15:12
alpinelinux
alpinelinux
CVE-2020-15397
2020-06-30 12:15:00
nessus
nessus
openSUSE Security Update : hylafax+ (openSUSE-2020-1210)
2020-08-18 00:00:00
openSUSE Security Update : hylafax+ (openSUSE-2020-1209)
2020-08-18 00:00:00
Fedora 32 : hylafax+ (2020-01eb48bcce)
2020-08-13 00:00:00
openvas
openvas
Fedora: Security Advisory for hylafax+ (FEDORA-2020-01eb48bcce)
2020-08-13 00:00:00
openSUSE: Security Advisory for hylafax+ (openSUSE-SU-2020:1209-1)
2020-08-15 00:00:00
openSUSE: Security Advisory for hylafax+ (openSUSE-SU-2020:1210-1)
2020-08-15 00:00:00
suse
suse
Security update for hylafax+ (moderate)
2020-09-18 00:00:00
Security update for hylafax+ (moderate)
2020-08-18 00:00:00
Security update for hylafax+ (moderate)
2020-08-15 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: hylafax+-7.0.3-1.fc32
2020-08-13 01:38:54
[SECURITY] Fedora 31 Update: hylafax+-7.0.3-1.fc31
2020-08-13 01:31:49
mageia
mageia
Updated hylafax+ packages fix security vulnerabilities
2020-09-01 02:58:35
gentoo
gentoo
HylaFAX: Multiple vulnerabilities
2020-07-26 00:00:00