pkg:Debian/hylafax

All known vulnerabilities

• CRITICAL9.8CVE-2018-17141hylafax - security update
  from 0, < 3:6.0.6-7+deb9u1
• CRITICAL9.8CVE-2018-17141hylafax - security update
  from 0, < 3:6.0.6-8.1
• CRITICAL9.8CVE-2018-17141hylafax - security update
  from 0, < 3:6.0.6-6+deb8u1
• HIGH7.8In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories.
  from 0, < 3:6.0.7-3.1
• —hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges.
  from 0, < 2:4.2.4-1
• —hylafax - arbitrary command execution
  from 0, < 2:4.2.4-2
• —hylafax - arbitrary command execution
  from 0, < 4.1.1-4woody1
• —hylafax - insecure temporary files
  from 0, < 1:4.1.1-3.2
• —HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and ca…
  from 0, < 1:4.2.2+rc1
• —hylafax - insecure temporary files
  from 0, < 1:4.2.2+rc1
• —hylafax - weak hostname and username validation
  from 0, < 1:4.2.1-1
• —hylafax - weak hostname and username validation
  from 0, < 1:4.1.1-3.1
• —hylafax - format strings
  from 0, < 1:4.1.8-1
• —hylafax - format strings
  from 0, < 4.1.1-1.3
• —Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data…
  from 0, < 4.1.2-2.1
• —Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code,…
  from 0, < 4.1.2-2.1
• —hylafax - buffer overflows and format string vulnerabilities
  from 0, < 1:4.1.1-1.1
• —hylafax - buffer overflows and format string vulnerabilities
  from 0, < 4.1.2-2.1