2 matches found
Mandrake Linux Security Advisory : hylafax (MDKSA-2005:177)
faxcron, recvstats, and xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. CVE-2005-3069 In addition, HylaFax has some provisional support for Unix domain sockets, which is disabled in the default compile configuratio...
CVE-2005-3069
CVE-2005-3069 affects HylaFAX (xferfaxstats) up to version 4.2.1 and earlier. Root cause: insecure creation of temporary files by xferfaxstats leading to a symlink attack on xferfax$$, allowing local users to overwrite arbitrary files (I:P, A:N). Impact: local privilege/impact on integrity of fil...