Hylafax Incoming TSI Format String Denial Of Service Vulnerability

Hylafax is a software package designed to handle the transmission of faxes.

Incoming fax messages include a Transmitting Subscriber Identification (TSI) string, used to identify the fax machine of origin. Some versions of Hylafax use this data as part of a format string without properly sanitizing the input. Malicious fax data may cause the server to crash, resulting in a denial of service condition.


 

Privacy Statement
Copyright 2010, SecurityFocus