2 matches found
CVE-1999-0262
CVE-1999-0262 concerns the HylaFAX faxsurvey CGI script. Multiple sources confirm that the Linux faxsurvey CGI allows remote attackers to execute arbitrary commands by supplying shell metacharacters in the query string, taking place with the web server’s privileges. Affected component: the faxsur...
Hylafax Faxsurvey Remote Command Execution (CVE-1999-0262)
Hylafax is a fax server software package designed to run on different UNIX operating systems. Unpatched version of Hylafax ships with an insecure script, faxsurvey, which allows remote command execution with the privileges of the web server process. Remote attackers can exploit this vulnerability...