lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 11 Nov 2003 13:58:08 -0800
From: Lee Howard <lee.howard@...afax.org>
To: bugtraq@...urityfocus.com
Subject: HylaFAX - Format String Vulnerability Fixed


HylaFAX Security Advisory
11 November 2003

Subject: Format String Vulnerability Fixed


Introduction:

HylaFAX is a mature (est. 1991) enterprise-class open source software 
package for sending and receiving facsimiles as well as for sending 
alpha-numeric pages.  It runs on a wide variety of UNIX-like platforms 
including Linux, BSD (including Mac OS X), SunOS and Solaris, SCO, 
IRIX, AIX, and HP-UX.  See http://www.hylafax.org for more details.


Problem Description and Impact:

The SuSE Security Team recently audited the HylaFAX daemon (hfaxd) and
discovered a remotely exploitable format string vulnerability.

A vulnerable host must have set the 0x002 bit for the ServerTracing
configuration parameter.  This is not the default setting for the
HylaFAX installation, but it is not an uncommon configuration when
troubleshooting HylaFAX operation.


Status:

HylaFAX development has released the 4.1.8 patch-level code release
which includes the fix for this format string vulnerability as
contributed by SuSE.  All users are strongly encouraged to upgrade.


Availability:

HylaFAX 4.1.8 is available by anonymous ftp at:

     ftp://ftp.hylafax.org/source/hylafax-4.1.8.tar.gz

(Binary versions will shortly be made available)

The fix is available in patch form at:

     http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=468

There is no known exploitation in the wild of this vulnerability.


Thanks:

Many thanks go to the SuSE Security Team and Sebastian Krahmer for 
their commendable handling of this vulnerability.  Thanks also go to 
Michael O'Connor at SGI for his advice in establishing the security 
contact.


Contact:

Matters pertaining to HylaFAX security should be addressed to
HylaFAX-CERT <security@...afax.org>

--
Lee Howard
HylaFAX Developer
lee.howard@...afax.org


Powered by blists - more mailing lists