4 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-15397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under...
SUSE CVE-2005-3538
hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges...
CVE-2020-11766
sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection...
DEBIAN-CVE-2005-3070
HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file...