18 matches found
SUSE CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
Mageia: Security Advisory (MGASA-2018-0456)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : hylafax+ (openSUSE-2019-711)
This update for hylafax+ fixes the following issues : Security issues fixed in 5.6.1 : - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code boo1109084 Additionally, this update also...
Fedora 28 : hylafax+ (2018-37a27807e0)
HylaFAX+ 5.6.1 ============== - address CVE-2018-17141, fixes JPEG vulnerabilities 18 Sep 2018 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Fedora 29 : hylafax+ (2018-b21354b100)
HylaFAX+ 5.6.1 ============== - address CVE-2018-17141, fixes JPEG vulnerabilities 18 Sep 2018 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
MGASA-2018-0456 Updated hylafax+ packages fix security vulnerability
Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing input sanitising in the Hylafax fax software could potentially result in the execution of arbitrary code via a malformed fax message CVE-2018-17141...
Fedora Update for hylafax+ FEDORA-2018-37a27807e0
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for hylafax+ FEDORA-2018-11b966722a
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : hylafax+ (2018-11b966722a)
HylaFAX+ 5.6.1 ============== - address CVE-2018-17141, fixes JPEG vulnerabilities 18 Sep 2018 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
openSUSE Security Update : hylafax+ (openSUSE-2018-1027)
This update for hylafax+ fixes the following issues : Security issues fixed in 5.6.1 : - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code boo1109084 Additionally, this update also...
[SECURITY] [DLA 1515-1] hylafax security update
Package : hylafax Version : 3:6.0.6-6+deb8u1 CVE ID : CVE-2018-17141 Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing input sanitising in the Hylafax fax software could potentially result in the execution of arbitrary code via a malformed fax message. For Debian 8 "Jessie",...
openSUSE: Security Advisory for hylafax+ (openSUSE-SU-2018:2797-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for hylafax+ (critical)
This update for hylafax+ fixes the following issues: Security issues fixed in 5.6.1: - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code boo1109084 Additionally, this update also contain...
CVE-2018-17141
CVE-2018-17141 affects HylaFAX and HylaFAX+ where specially crafted JPEG input during fax page reception could trigger remote code execution due to missing input sanitising in the FaxModem data path. Public fixes exist: HylaFAX+ 5.6.1 (and later) mitigates the issue; Debian LTS advisory notes a f...
CVE-2018-17141
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...
HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities
Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing an specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are...
Debian DSA-4298-1 : hylafax - security update
Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing input sanitising in the Hylafax fax software could potentially result in the execution of arbitrary code via a malformed fax message. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
[SECURITY] [DSA 4298-1] hylafax security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4298-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 20, 2018 https://www.debian.org/security/faq -...