Lucene search
PRIOn knowledge basePRION:CVE-2018-17141HistorySep 21, 2018 - 5:29 p.m.
Code injection
2018-09-2117:29:00
PRIOn knowledge base
www.prio-n.com
3
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 9.0 | |
| hylafax | eq | 6.0.6 | |
| hylafax\\+ | eq | 5.6.0 |
References
git.hylafax.org/HylaFAX?a=commit;h=c6cac8d8cd0dbe313689ba77023e12bc5b3027be
www.openwall.com/lists/oss-security/2018/09/20/1
lists.debian.org/debian-lts-announce/2018/09/msg00026.html
seclists.org/bugtraq/2018/Sep/49
www.debian.org/security/2018/dsa-4298
www.x41-dsec.de/lab/advisories/x41-2018-008-hylafax/
Related
nessus
nessus
Debian DSA-4298-1 : hylafax - security update
2018-09-21 00:00:00
FreeBSD : comms/hylafax -- Malformed fax sender remote code execution in JPEG support (3df5a920-6edc-11e9-a44b-0050562a4d7b)
2019-05-06 00:00:00
openSUSE Security Update : hylafax+ (openSUSE-2019-711)
2019-03-27 00:00:00
openvas
openvas
Fedora Update for hylafax+ FEDORA-2018-11b966722a
2018-09-28 00:00:00
openSUSE: Security Advisory for hylafax+ (openSUSE-SU-2018:2797-1)
2018-09-22 00:00:00
Fedora Update for hylafax+ FEDORA-2018-37a27807e0
2018-09-28 00:00:00
debian
debian
[SECURITY] [DLA 1515-1] hylafax security update
2018-09-22 21:15:31
[SECURITY] [DSA 4298-1] hylafax security update
2018-09-20 19:04:19
cve
cve
CVE-2018-17141
2018-09-21 17:29:07
osv
osv
hylafax - security update
2018-09-22 00:00:00
CVE-2018-17141
2018-09-21 17:29:07
hylafax - security update
2018-09-20 00:00:00
alpinelinux
alpinelinux
CVE-2018-17141
2018-09-21 17:29:07
suse
suse
Security update for hylafax+ (critical)
2018-09-22 09:29:24
Security update for hylafax+ (critical)
2018-09-21 21:49:49
debiancve
debiancve
CVE-2018-17141
2018-09-21 17:29:07
zdt
zdt
freebsd
freebsd
comms/hylafax -- Malformed fax sender remote code execution in JPEG support
2018-08-24 00:00:00
nvd
nvd
CVE-2018-17141
2018-09-21 17:29:07
mageia
mageia
Updated hylafax+ packages fix security vulnerability
2018-11-18 01:23:26
cvelist
cvelist
CVE-2018-17141
2018-09-21 17:00:00
ubuntucve
ubuntucve
CVE-2018-17141
2018-09-21 00:00:00