pkg:Debian/hylafax

All known vulnerabilities

• CRITICAL9.8CVE-2018-17141hylafax - security update
  from 0, < 3:6.0.6-7+deb9u1
• CRITICAL9.8CVE-2018-17141hylafax - security update
  from 0, < 3:6.0.6-8.1
• CRITICAL9.8CVE-2018-17141hylafax - security update
  from 0, < 3:6.0.6-6+deb8u1
• HIGH7.8CVE-2020-15396In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories.
  from 0, < 3:6.0.7-3.1
• —CVE-2005-3538hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges.
  from 0, < 2:4.2.4-1
• —CVE-2005-3539hylafax - arbitrary command execution
  from 0, < 2:4.2.4-2
• —CVE-2005-3539hylafax - arbitrary command execution
  from 0, < 4.1.1-4woody1
• —CVE-2005-3069hylafax - insecure temporary files
  from 0, < 1:4.1.1-3.2
• —CVE-2005-3070HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and ca…
  from 0, < 1:4.2.2+rc1
• —CVE-2005-3069hylafax - insecure temporary files
  from 0, < 1:4.2.2+rc1
• —CVE-2004-1182hylafax - weak hostname and username validation
  from 0, < 1:4.2.1-1
• —CVE-2004-1182hylafax - weak hostname and username validation
  from 0, < 1:4.1.1-3.1
• —CVE-2003-0886hylafax - format strings
  from 0, < 1:4.1.8-1
• —CVE-2003-0886hylafax - format strings
  from 0, < 4.1.1-1.3
• —CVE-2002-1049Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data…
  from 0, < 4.1.2-2.1
• —CVE-2002-1050Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code,…
  from 0, < 4.1.2-2.1
• —CVE-2001-1034hylafax - buffer overflows and format string vulnerabilities
  from 0, < 1:4.1.1-1.1
• —CVE-2001-1034hylafax - buffer overflows and format string vulnerabilities
  from 0, < 4.1.2-2.1