Hylafax 'faxalter' Buffer Overflow Vulnerability

Hylafax is a popular fax server software package designed to run on multiple UNIX operating systems. Some versions of Hylafax ship with a vulnerable sub program 'faxalter'. This program is installed SUID UUCP and has a buffer overflow which if exploited will allow a malicious user to gain UUCP privileges.

Because the important programs are executed as root, such as Minicom (a popular modem terminal program) or cu(1) and are in the UUCP group and therefore writable by the same group they could be trojaned by the attacker. A successful scenario in this event would lead to a root compromise.


 

Privacy Statement
Copyright 2010, SecurityFocus