Executive Summary
Summary | |
---|---|
Title | New hylafax packages fix unauthorised access |
Information | |||
---|---|---|---|
Name | DSA-634 | First vendor Publication | 2005-01-11 |
Vendor | Debian | Last vendor Modification | 2005-01-11 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Patrice Fournier discovered a vulnerability in the authorisation subsystem of hylafax, a flexible client/server fax system. A local or remote user guessing the contents of the hosts.hfaxd database could gain unauthorised access to the fax system.

Some installations of hylafax may actually utilise the weak hostname and username validation for authorized uses. For example, hosts.hfaxd entries that may be common are

    192.168.0
    username:uid:pass:adminpass
    user@host

After updating, these entries will need to be modified in order to continue to function. Respectively, the correct entries should be

    192.168.0.[0-9]+
    username@:uid:pass:adminpass
    user@host

Unless such matching of "username" with "otherusername" and "host" with "hostname" is desired, the proper form of these entries should include the delimiter and markers like this

    @192.168.0.[0-9]+$
    ^username@:uid:pass:adminpass
    ^user@host$

For the stable distribution (woody) this problem has been fixed in version 4.1.1-3.1. For the unstable distribution (sid) this problem has been fixed in version 4.2.1-1. We recommend that you upgrade your hylafax packages. |
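The following audit sketch is an added example, not part of the advisory or of hylafax itself: it flags hosts.hfaxd entries that lack the "@" delimiter or the "^" and "$" markers described above, and shows the over-matching they allow. It assumes the client pattern is the text before the first ":", that it is matched as an unanchored regular expression against a "user@host" string (modelled with Python's re.search), and that "#" starts a comment line; all identities are constructed.

```python
import re

# Entry forms quoted in the advisory text (post-update loose vs. anchored).
LOOSE = ["192.168.0.[0-9]+", "username@:uid:pass:adminpass", "user@host"]
ANCHORED = ["@192.168.0.[0-9]+$", "^username@:uid:pass:adminpass", "^user@host$"]

def client_pattern(entry):
    """Regex portion of an entry: the text before the first ':' (assumed)."""
    return entry.split(":", 1)[0]

def entry_matches(entry, identity):
    """Model of the match (assumption): unanchored regex search over 'user@host'."""
    return re.search(client_pattern(entry), identity) is not None

def audit_entry(entry):
    """Return reasons the entry may match more identities than intended."""
    pat = client_pattern(entry)
    if "@" not in pat:
        return ["no '@' delimiter: may match inside the user or the host part"]
    user, host = pat.split("@", 1)
    findings = []
    if user and not user.startswith("^"):
        findings.append("user part lacks leading '^': matches as a suffix")
    if host and not host.endswith("$"):
        findings.append("host part lacks trailing '$': matches as a prefix")
    return findings

def audit_file(text):
    """Audit every non-blank, non-comment line; returns {line_no: findings}."""
    report = {}
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line and not line.startswith("#"):  # '#' comments are an assumption
            found = audit_entry(line)
            if found:
                report[no] = found
    return report

if __name__ == "__main__":
    # Constructed identity, not taken from any real system.
    for entry in LOOSE + ANCHORED:
        hit = entry_matches(entry, "otheruser@hostname.example")
        print(f"{entry!r:40} over-match={hit} findings={audit_entry(entry)}")
```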
Original Source
Url : http://www.debian.org/security/2005/dsa-634 |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-21 (HylaFAX) File : nvt/glsa_200501_21.nasl |
2008-09-04 | Name : FreeBSD Ports: hylafax File : nvt/freebsd_hylafax.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 634-1 (hylafax) File : nvt/deb_634_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12859 | HylaFAX hosts.hfaxd Authentication Bypass |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8eabaad9641f11d992a7000a95bc6fae.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-21.nasl - Type : ACT_GATHER_INFO |
2005-01-13 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-006.nasl - Type : ACT_GATHER_INFO |
2005-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-634.nasl - Type : ACT_GATHER_INFO |
2005-01-11 | Name : The remote host contains an application that is affected by an access control... File : hylafax_bypass.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2020-05-23 13:03:43 | |
2016-04-26 13:39:40 | |
2014-02-17 11:33:44 | |
2013-05-11 12:18:49 | |