13 matches found
Mageia: Security Advisory (MGASA-2020-0356)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for hylafax+ (moderate)
openSUSE Security Update: Security update for hylafax+ Announcement ID: openSUSE-SU-2020:1438-1 Rating: moderate References: 1173519 1173521 Cross-References: CVE-2020-15396 CVE-2020-15397 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now available...
OPENSUSE-SU-2020:1438-1 Security update for hylafax+
This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...
openSUSE Security Update : hylafax+ (openSUSE-2020-1210)
This update for hylafax+ fixes the following issues : Hylafax was updated to upstream version 7.0.3. Security issues fixed : - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...
openSUSE Security Update : hylafax+ (openSUSE-2020-1209)
This update for hylafax+ fixes the following issues : Hylafax was updated to upstream version 7.0.3. Security issues fixed : - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...
openSUSE: Security Advisory for hylafax+ (openSUSE-SU-2020:1210-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for hylafax+ (openSUSE-SU-2020:1209-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:1210-1 Security update for hylafax+
This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...
OPENSUSE-SU-2020:1209-1 Security update for hylafax+
This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...
Security update for hylafax+ (moderate)
openSUSE Security Update: Security update for hylafax+ Announcement ID: openSUSE-SU-2020:1209-1 Rating: moderate References: 1173519 1173521 Cross-References: CVE-2020-15396 CVE-2020-15397 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description...
Security update for hylafax+ (moderate)
openSUSE Security Update: Security update for hylafax+ Announcement ID: openSUSE-SU-2020:1210-1 Rating: moderate References: 1173519 1173521 Cross-References: CVE-2020-15396 CVE-2020-15397 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description...
Fedora 32 : hylafax+ (2020-01eb48bcce)
update to 7.0.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc. T...
CVE-2020-15397
CVE-2020-15397 affects HylaFAX+ up to version 7.0.2 (and HylaFAX Enterprise) where scripts can source/execute binaries from directories writable by unprivileged users (e.g., /var/spool/hylafax). This leads to code execution in the caller’s user context, often root. A fix is available in HylaFAX+ ...