|
|
CVE Reference: CVE-2004-1182 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1182 |
|
|
Description: hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA13812 MLIST http://marc.theaimsgroup.com/?l=hylafax&m=110545119911558&w=2 MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:006 GENTOO http://security.gentoo.org/glsa/glsa-200501-21.xml DEBIAN http://www.debian.org/security/2004/dsa-634 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110546971307585&w=2 |
|
| Return to the previous page. |
