• info
• discussion
• exploit
• solution
• references

HylaFAX Insecure UNIX Domain Socket Usage Vulnerability

Solution:
Mandrive has released advisory MDKSA-2005:177, along with fixes to address this issue. Please see the referenced advisory for further information.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.


Hylafax Hylafax 4.2.1

• Mandriva hylafax-4.2.1-2.1.20060mdk.i586.rpm
  Mandrivalinux 2006.0:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva hylafax-4.2.1-2.1.20060mdk.x86_64.rpm
  Mandrivalinux 2006.0/X86_64:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva hylafax-client-4.2.1-2.1.20060mdk.i586.rpm
  Mandrivalinux 2006.0:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva hylafax-client-4.2.1-2.1.20060mdk.x86_64.rpm
  Mandrivalinux 2006.0/X86_64:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva hylafax-server-4.2.1-2.1.20060mdk.i586.rpm
  Mandrivalinux 2006.0:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva hylafax-server-4.2.1-2.1.20060mdk.x86_64.rpm
  Mandrivalinux 2006.0/X86_64:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lib64hylafax4.2.0-4.2.1-2.1.20060mdk.x86_64.rpm
  Mandrivalinux 2006.0/X86_64:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva lib64hylafax4.2.0-devel-4.2.1-2.1.20060mdk.x86_64.rpm
  Mandrivalinux 2006.0/X86_64:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva libhylafax4.2.0-4.2.1-2.1.20060mdk.i586.rpm
  Mandrivalinux 2006.0:
  http://www1.mandrivalinux.com/en/ftp.php3


• Mandriva libhylafax4.2.0-devel-4.2.1-2.1.20060mdk.i586.rpm
  Mandrivalinux 2006.0:
  http://www1.mandrivalinux.com/en/ftp.php3