Re: hylafax

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <christer.oberg@gmx.net>, <bugtraq@securityfocus.com>
Subject: Re: hylafax
From: "Przemyslaw Frasunek" <venglin@freebsd.lublin.pl>
Date: Sat, 13 Oct 2001 21:31:29 +0200
Organization: babcia padlina ltd.
References: <3629.1001238645@www8.gmx.net>

> There are some format strings vulnerbilities in the lastest hylafax
package
> try faxrm -h %x 1 or faxalter -h %x -D 1 for "proof of concept".

an exploit for this one:
http://www.frasunek.com/sources/security/security/hylafax.pl

--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *

Follow-Ups:
- Re: hylafax
  - From: Lee Howard

References:
- hylafax
  - From: christer . oberg

Prev by Date: Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)
Next by Date: Re: OpenProjects IRCD allows DNS spoofing
Previous by thread: Re: hylafax
Next by thread: Re: hylafax
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux