HylaFAX Remote PAM Authentication Bypass Vulnerability

HylaFAX Remote PAM Authentication Bypass Vulnerability

References:

Bugzilla Bug 682 - hfaxd PAM support doesn't work for non-passworded authenti (HylaFAX)
Bugzilla Bug 719 - Unsanitised user-supplied data passed to eval in notify an (HylaFAX)
HylaFAX 4.2.4 release (HylaFAX)
Hylafax Homepage (Hylafax)
Re: [hylafax-users] proceedure for hylafax setup for PAM authentiation (HylaFAX)
HylaFAX Security advisory - fixed in HylaFAX 4.2.4 (Aidan Van Dyk )

Privacy Statement
Copyright 2010, SecurityFocus