Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0387

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0387
Last Modified 05 Sep 2008 04:23:58
Published 02 Jul 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0387

Summary

Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument.

Vulnerable Systems

Application

  • Hylafax 4.0 Pl0

  • Hylafax 4.0 Pl1

  • Hylafax 4.0 Pl2

  • Hylafax 4.1 Beta1

  • Hylafax 4.1 Beta2

  • Hylafax 4.1 Beta3


References

BID - 2574

MANDRAKE - MDKSA-2001:041

SUSE - SuSE-SA:2001:15

BUGTRAQ - 20010415 **SECURITY ADVISORY** - HylaFAX format string vulnerability

BUGTRAQ - 20010412 HylaFAX vulnerability

XF - hylafax-hfaxd-format-string(6377)

OSVDB - 5679

FREEBSD - FreeBSD-SA-01:34


Last Updated: 27 May 2016 10:36:14