Debian Security Advisory DSA 401-1 (hylafax) Network Vulnerability

Summary

The remote host is missing an update to hylafax announced via advisory DSA 401-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20401-1

Insight

The SuSE Security Team discovered several exploitable formats string vulnerabilities in hylafax, a flexible client/server fax system, which could lead to executing arbitrary code as root on the fax server. For the stable distribution (woody) this problem has been fixed in version 4.1.1-1.3. For the unstable distribution (sid) this problem has been fixed in version 4.1.8-1. We recommend that you upgrade your hylafax packages.

Severity

Classification

CVE CVE-2003-0886

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1011-1 (kernel-patch-vserver, util-vserver)
Debian Security Advisory DSA 098-1 (libgtop)
Debian Security Advisory DSA 1051-1 (mozilla-thunderbird)
Debian Security Advisory DSA 073-1 (imp)
Debian Security Advisory DSA 1067-1 (kernel 2.4.16)

Take action and discover your vulnerabilities