Hylafax is an Open Source fax server which allows sharing of fax equipment among computers by offering its service to clients by a protocol similar to FTP. The SuSE Security Team found a format bug condition during a code review of the hfaxd server. It allows remote attackers to execute arbitrary code as root. However, the bug can not be triggered in hylafax’ default configuration.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 8.1 | i586 | hylafax | < 4.1.3-145 | hylafax-4.1.3-145.i586.rpm |
openSUSE | 8.2 | i586 | capi4hylafax | < 4.1.5-190 | capi4hylafax-4.1.5-190.i586.rpm |
openSUSE | 9.0 | i586 | hylafax | < 4.1.7-67 | hylafax-4.1.7-67.i586.rpm |
openSUSE | 8.2 | i586 | hylafax | < 4.1.5-190 | hylafax-4.1.5-190.i586.rpm |
openSUSE | 8.1 | i586 | capi4hylafax | < 4.1.3-145 | capi4hylafax-4.1.3-145.i586.rpm |
openSUSE | 7.3 | sparc | hylafax | < 4.1-122 | hylafax-4.1-122.sparc.rpm |
openSUSE | 8.0 | i386 | hylafax | < 4.1-303 | hylafax-4.1-303.i386.rpm |
openSUSE | 7.3 | i386 | hylafax | < 4.1-303 | hylafax-4.1-303.i386.rpm |
openSUSE | 7.3 | ppc | hylafax | < 4.1-206 | hylafax-4.1-206.ppc.rpm |
openSUSE | 9.0 | i586 | capi4hylafax | < 4.1.7-67 | capi4hylafax-4.1.7-67.i586.rpm |