Mandriva update for hylafax
Secunia Advisory: SA17107
Release Date: 2005-10-10
Popularity: 5,798 views

Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS:Mandrake Corporate Server 2.x
Mandrakelinux 10.1

Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2005-3069
CVE-2005-3070


Description:
Mandriva has issued an update for hylafax. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

For more information:
SA16906

An incorrect use of Unix domain sockets has also been fixed.

Solution:
Apply updated packages.

Mandrakelinux 10.1:

f7ca9274944776e0c8a697b77cc517ea 10.1/RPMS/hylafax-4.2.0-1.3.101mdk.i586.rpm
c49a39ddf8151f10b06b0ac70dc9c3e8 10.1/RPMS/hylafax-client-4.2.0-1.3.101mdk.i586.rpm
77211d2fe0790d276694b1cf3d2d855c 10.1/RPMS/hylafax-server-4.2.0-1.3.101mdk.i586.rpm
aaaca7a343600961e87f6c6e4ead0c8d 10.1/RPMS/libhylafax4.2.0-4.2.0-1.3.101mdk.i586.rpm
da5bce1b0c53e298dcd7cb5ef0dbab5d 10.1/RPMS/libhylafax4.2.0-devel-4.2.0-1.3.101mdk.i586.rpm
ca2bdc57603dda7f982c59626d9e2a02 10.1/SRPMS/hylafax-4.2.0-1.3.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:

35f7d808588e1d9ad5b8de2c9e5c8cb0 x86_64/10.1/RPMS/hylafax-4.2.0-1.3.101mdk.x86_64.rpm
1b8a373e8d1d005b4b14124dba7b5df1 x86_64/10.1/RPMS/hylafax-client-4.2.0-1.3.101mdk.x86_64.rpm
5f169d7d2377d8066e2d13c771d431eb x86_64/10.1/RPMS/hylafax-server-4.2.0-1.3.101mdk.x86_64.rpm
677f9360dcdfca9f86967ad4c6f738f1 x86_64/10.1/RPMS/lib64hylafax4.2.0-4.2.0-1.3.101mdk.x86_64.rpm
e2185b51d1d9568ccca76e37cd99e98b x86_64/10.1/RPMS/lib64hylafax4.2.0-devel-4.2.0-1.3.101mdk.x86_64.rpm
ca2bdc57603dda7f982c59626d9e2a02 x86_64/10.1/SRPMS/hylafax-4.2.0-1.3.101mdk.src.rpm

Corporate Server 2.1:

e0e77173d66d6a0c31ffc84cd40a4253 corporate/2.1/RPMS/hylafax-4.1.3-5.3.C21mdk.i586.rpm
6f38a677c369b3a2110bd508a2a439e3 corporate/2.1/RPMS/hylafax-client-4.1.3-5.3.C21mdk.i586.rpm
fce937eeb3257adefe370294bbb8516e corporate/2.1/RPMS/hylafax-server-4.1.3-5.3.C21mdk.i586.rpm
bfe2fedab3fdbbb726995e4a6e4a93ac corporate/2.1/RPMS/libhylafax4.1.1-4.1.3-5.3.C21mdk.i586.rpm
c4b2bb4b1ab084a2949a934978a33d7f corporate/2.1/RPMS/libhylafax4.1.1-devel-4.1.3-5.3.C21mdk.i586.rpm
763f4270d854d27b53c83c378bf81151 corporate/2.1/SRPMS/hylafax-4.1.3-5.3.C21mdk.src.rpm

Corporate Server 2.1/X86_64:

213b760b160484b8e17e5da32f974048 x86_64/corporate/2.1/RPMS/hylafax-4.1.3-5.3.C21mdk.x86_64.rpm
a4069af7c182c925844fcdcbad0b6ad6 x86_64/corporate/2.1/RPMS/hylafax-client-4.1.3-5.3.C21mdk.x86_64.rpm
840537452b7e5dcc83e36d72e5b9071f x86_64/corporate/2.1/RPMS/hylafax-server-4.1.3-5.3.C21mdk.x86_64.rpm
2897c385ffe1e5c5ee76d01114ad6bee x86_64/corporate/2.1/RPMS/libhylafax4.1.1-4.1.3-5.3.C21mdk.x86_64.rpm
674cef6c3e5b272e048218eb5e6ca8a2 x86_64/corporate/2.1/RPMS/libhylafax4.1.1-devel-4.1.3-5.3.C21mdk.x86_64.rpm
763f4270d854d27b53c83c378bf81151 x86_64/corporate/2.1/SRPMS/hylafax-4.1.3-5.3.C21mdk.src.rpm

Original Advisory:
http://www.mandriva.com/security/advisories?name=MDKSA-2005:177

Other References:
SA16906:
http://secunia.com/advisories/16906/


Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 11
New vulnerabilities: 14
Updated advisories: 19

Less // 33 views
Fedora update for samba
Less // 36 views
Fedora update for bitlbee
Moderately // 271 views
rPath update for libtiff
Highly // 265 views
Gentoo update for realplayer
Less // 260 views
Gentoo update for mysql
Moderately // 262 views
Gentoo update for dnsmasq

Solutions | More...  


Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. 3Com Wireless 8760 Access Point HTTP Request Processing Denial of Service // 89 views
2. HP OpenView Select Identity Connectors Information Disclosure // 75 views
3. Cisco ASA and PIX Security Appliances Multiple Vulnerabilities // 66 views
4. Drupal Content Construction Kit Script Insertion Vulnerabilities // 65 views
5. Gentoo update for yelp // 49 views
6. rPath update for libtiff // 41 views
7. Gentoo update for dnsmasq // 40 views
8. Gentoo update for realplayer // 40 views
9. CS-Cart "cs_cookies" SQL Injection Vulnerability // 40 views
10. Cisco Secure ACS EAP Packet Denial of Service // 39 views