|
|
Subscribe / Log in / New account

HylaFAX: input validation vulnerability

Package(s):hylafax CVE #(s):CVE-2005-3538 CVE-2005-3539
Created:January 6, 2006 Updated:January 17, 2006
Description: The HylaFAX 4.2.4 release corrects issues with previous versions. HylaFAX runs the notify script on untrusted user input. Furthermore, users can log in without a password when HylaFAX is installed with the pam USE-flag disabled.
Alerts:
Mandriva MDKSA-2006:015 hylafax 2006-01-16
Debian DSA-933-1 hylafax 2006-01-09
Gentoo 200601-03 hylafax 2006-01-06
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds