Executive Summary
| Summary | |
|---|---|
| Title | New hylafax packages fix security related problems |
| Informations | |||
|---|---|---|---|
| Name | DSA-148 | First vendor Publication | 2002-08-12 |
| Vendor | Debian | Last vendor Modification | 2002-08-12 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A set of problems have been discovered in Hylafax, a flexible client/server fax software distributed with many GNU/Linux distributions. Quoting SecurityFocus the problems are in detail: * A format string vulnerability makes it possible for users to potentially execute arbitrary code on some implementations. Due to insufficient checking of input, it's possible to execute a format string attack. Since this only affects systems with the faxrm and faxalter programs installed setuid, Debian is not vulnerable. * A buffer overflow has been reported in Hylafax. A malicious fax transmission may include a long scan line that will overflow a memory buffer, corrupting adjacent memory. An exploid may result in a denial of service condition, or possibly the execution of arbitrary code with root privileges. * A format string vulnerability has been discovered in faxgetty. Incoming fax messages include a Transmitting Subscriber Identification (TSI) string, used to identify the sending fax machine. Hylafax uses this data as part of a format string without properly sanitizing the input. Malicious fax data may cause the server to crash, resulting in a denial of service condition. * Marcin Dawcewicz discovered a format string vulnerability in hfaxd, which will crash hfaxd under certain circumstances. Since Debian doesn't have hfaxd installed setuid root, this problem can not directly lead into a vulnerability. This has been fixed by Darren Nickerson, which was already present in newer versions, but not in the potato version. These problems have been fixed in version 4.0.2-14.3 for the old stable distribution (potato), in version 4.1.1-1.1 for the current stable distribution (woody) and in version 4.1.2-2.1 for the unstable distribution (sid). We recommend that you upgrade your hylafax packages. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato |
Original Source
| Url : http://www.debian.org/security/2002/dsa-148 |
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 148-1 (hylafax) File : nvt/deb_148_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 5002 | HylaFAX faxgetty TSI Format String DoS HylaFAX faxgetty contains a flaw that may allow a remote denial of service. The issue is triggered when format string occurs via the TSI data element, which may allow for an attacker to casue the service to stop responding and or execute arbitrary code on the targeted host. |
| 4630 | HylaFAX faxgetty Overflow |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-148.nasl - Type : ACT_GATHER_INFO |
| 2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2002-055.nasl - Type : ACT_GATHER_INFO |
| 2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2002_035.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:27:17 |
|
