Lucene search
PRIOn knowledge basePRION:CVE-2018-17141HistorySep 21, 2018 - 5:29 p.m.
Code injection
2018-09-2117:29:00
PRIOn knowledge base
www.prio-n.com
3
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 9.0 | |
| hylafax | eq | 6.0.6 | |
| hylafax\\+ | eq | 5.6.0 |
References
git.hylafax.org/HylaFAX?a=commit;h=c6cac8d8cd0dbe313689ba77023e12bc5b3027be
www.openwall.com/lists/oss-security/2018/09/20/1
lists.debian.org/debian-lts-announce/2018/09/msg00026.html
seclists.org/bugtraq/2018/Sep/49
www.debian.org/security/2018/dsa-4298
www.x41-dsec.de/lab/advisories/x41-2018-008-hylafax/
Related
openvas
openvas
Debian: Security Advisory (DLA-1515-1)
2018-09-23 00:00:00
Mageia: Security Advisory (MGASA-2018-0456)
2022-01-28 00:00:00
Fedora Update for hylafax+ FEDORA-2018-11b966722a
2018-09-28 00:00:00
nessus
nessus
Debian DLA-1515-1 : hylafax security update
2018-09-24 00:00:00
Fedora 29 : hylafax+ (2018-b21354b100)
2019-01-03 00:00:00
Debian DSA-4298-1 : hylafax - security update
2018-09-21 00:00:00
freebsd
freebsd
comms/hylafax -- Malformed fax sender remote code execution in JPEG support
2018-08-24 00:00:00
osv
osv
hylafax - security update
2018-09-20 00:00:00
CVE-2018-17141
2018-09-21 17:29:07
hylafax - security update
2018-09-22 00:00:00
nvd
nvd
CVE-2018-17141
2018-09-21 17:29:07
cve
cve
CVE-2018-17141
2018-09-21 17:29:07
debian
debian
[SECURITY] [DLA 1515-1] hylafax security update
2018-09-22 21:14:31
[SECURITY] [DSA 4298-1] hylafax security update
2018-09-20 19:04:19
suse
suse
Security update for hylafax+ (critical)
2018-09-22 09:29:24
Security update for hylafax+ (critical)
2018-09-21 21:49:49
debiancve
debiancve
CVE-2018-17141
2018-09-21 17:29:07
zdt
zdt
alpinelinux
alpinelinux
CVE-2018-17141
2018-09-21 17:29:07
ubuntucve
ubuntucve
CVE-2018-17141
2018-09-21 00:00:00
mageia
mageia
Updated hylafax+ packages fix security vulnerability
2018-11-18 01:23:26
cvelist
cvelist
CVE-2018-17141
2018-09-21 17:00:00