HylaFAX notify Script Crafted Job Arbitrary Command Execution

ID OSVDB:22246
Type osvdb
Reporter OSVDB
Modified 2006-01-04T10:18:24


Solution Description

Upgrade to version 4.2.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor Specific Advisory URL Secunia Advisory ID:18366 Secunia Advisory ID:18314 Secunia Advisory ID:18489 Secunia Advisory ID:18337 Related OSVDB ID: 22245 Other Advisory URL: http://www.debian.org/security/2006/dsa-933 Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200601-03.xml Other Advisory URL: http://www.hylafax.org/content/HylaFAX_4.2.4_release Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0066.html CVE-2005-3539