139 matches found
EUVD-2001-0384
Malware in sbrugna...
EUVD-2002-1038
Malware in sbrugna...
EUVD-2002-1039
Malware in sbrugna...
EUVD-2003-0876
Malware in sbrugna...
EUVD-1999-1321
Malware in sbrugna...
OPENSUSE-SU-2024:10852-1 hylafax+-7.0.3-5.1 on GA media
These are all security issues fixed in the hylafax+-7.0.3-5.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2005-3539
Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via 1 the notify script in HylaFAX 4.2.0 to 4.2.3 and 2 crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3...
openSUSE Security Update : hylafax+ (openSUSE-2020-1210)
This update for hylafax+ fixes the following issues : Hylafax was updated to upstream version 7.0.3. Security issues fixed : - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem boo1173521. - CVE-2020-15397: Sourcing of files into binaries from user...
[SECURITY] Fedora 32 Update: hylafax+-7.0.3-1.fc32
HylaFAXtm is a enterprise-strength fax server supporting Class 1 and 2 fax modems on UNIX systems. It provides spooling services and numerous supporting fax management tools. The fax clients may reside on machines different from the server and client implementations exist for a number of platform...
[SECURITY] Fedora 31 Update: hylafax+-7.0.3-1.fc31
HylaFAXtm is a enterprise-strength fax server supporting Class 1 and 2 fax modems on UNIX systems. It provides spooling services and numerous supporting fax management tools. The fax clients may reside on machines different from the server and client implementations exist for a number of platform...
Fedora: Security Advisory for hylafax+ (FEDORA-2020-01eb48bcce)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
HylaFAX: Multiple vulnerabilities
Background HylaFAX is an enterprise-class system for sending and receiving facsimile messages and for sending alpha-numeric pages. Description Multiple vulnerabilities have been discovered in HylaFAX. Please review the CVE identifiers referenced below for details. Impact Please review the...
openSUSE Security Update : hylafax+ (openSUSE-2020-958)
This update for hylafax+ fixes the following issues : Security issue fixed : - CVE-2020-8024 boo1172731 hylafax+ was updated to version 7.0.2 : - change FIXEDWIDTH default to better accommodate auto-rotation 13 Dec 2019 - prevent SSLaccept from blocking 5 Dec 2019 - support libtiff v4.1 5 Dec 201...
CVE-2020-15397
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under /var/spool/hylafax that are writable by the uucp account. This allows these users to execute code in the context of the user calling these binarie...
Sql injection
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root...
Design/Logic Flaw
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under /var/spool/hylafax that are writable by the uucp account. This allows these users to execute code in the context of the user calling these binarie...
CVE-2020-15397
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under /var/spool/hylafax that are writable by the uucp account. This allows these users to execute code in the context of the user calling these binarie...
CVE-2020-15397
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users e.g., locations under /var/spool/hylafax that are writable by the uucp account. This allows these users to execute code in the context of the user calling these binarie...
CVE-2020-15396
HylaFAX+ (including HylaFAX Enterprise) up to version 7.0.2 is affected by CVE-2020-15396: the faxsetup utility can race to chown files in user-owned directories, enabling local privilege escalation to root. Related issue CVE-2020-15397 concerns sourcing binaries from user-writeable directories. ...
openSUSE Security Update : hylafax+ (openSUSE-2019-711)
This update for hylafax+ fixes the following issues : Security issues fixed in 5.6.1 : - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code boo1109084 Additionally, this update also...