|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2002:055: hylafax Vulnerability Assessment Details
|
MDKSA-2002:055: hylafax |
||
Check for the version of the hylafax package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2002:055 (hylafax). Numerous vulnerabilities in the HylaFAX product exist in versions prior to 4.1.3. It does not check the TSI string which is received from remote FAX systems before using it in logging and other places. A remote sender using a specially formatted TSI string can cause the faxgetty program to segfault, resulting in a denial of service. Format string vulnerabilities were also discovered by Christer Oberg, which exist in a number of utilities bundled with HylaFax, such as faxrm, faxalter, faxstat, sendfax, sendpage, and faxwatch. If any of these tools are setuid, they could be used to elevate system rights. Mandrake Linux does not, by default, install these tools setuid. Finally, Lee Howard discovered that faxgetty would segfault due to a buffer overflow after receiving a very large line of image data. This vulnerability could conceivably be used to execute arbitrary commands on the system as root, and could also be exploited more easily as a denial of sevice. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:055 Network Security Threat Level: High Networks Security ID: 3357 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
Seagate Exos X16 ST14000NM001G 14TB 512E SATA 6Gb/s 3.5" Enterprise Hard Drive
$157.99
HGST NetApp 8TB 7.2k 12G NL-SAS 3.5in HDD HUH728080AL5200 0F25735 108-00455
$69.99
250GB HARD DRIVE for Macbook MB062LL/A MA611LL/A A1181 MA092LL/A MA700LL/A A1150
$24.56
Western Digital 8TB Certified Refurbished My Book Hard Drive-RWDBBGB0080HBK-NESN
$99.99
HGST Ultrastar DC HC520 12TB SATA 6Gb 256MB 3.5" Enterprise HDD- HUH721212ALE601
$89.99
Seagate Exos 7E10 ST2000NM000B 2TB 7200RPM SATA 6.0Gb/s 3.5" Internal Hard Drive
$29.99
HGST Ultrastar HE10 HUH721010ALE600 10TB SATA 6Gb/s 7200RPM 3.5" Enterprise HDD
$78.99
WD Ultrastar DC HC530 14TB SATA 6G 3.5" 7200RPM Enterprise HDD - WUH721414ALE604
$112.00
WD 16TB Elements Desktop, Certified Refurbished Hard Drive - RWDBWLG0160HBK-NESN
$174.99
Western Digital WD4000FYYZ RE 4TB 7200 RPM 64MB Cache SATA 6Gb/s 3.5" Hard Drive
$28.50
|
||
No Discussions have been posted on this vulnerability. |