Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1034

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-1034
Last Modified 05 Sep 2008 04:25:31
Published 23 Sep 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1034

Summary

Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.

Vulnerable Systems

Operating System

  • Freebsd 4.4


References

XF - hylafax-hostname-format-string(7164)

BID - 3357

BUGTRAQ - 20010923 hylafax


Last Updated: 27 May 2016 10:36:30