← volver
CVE-2005-3539

CVE-2005-3539

EPSS 12.4%
Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/27032no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=719http://secunia.com/advisories/18314http://secunia.com/advisories/18337http://secunia.com/advisories/18366http://secunia.com/advisories/18489http://www.debian.org/security/2005/dsa-933http://www.gentoo.org/security/en/glsa/glsa-200601-03.xmlhttp://www.hylafax.org/content/HylaFAX_4.2.4_releasehttp://www.mandriva.com/security/advisories?name=MDKSA-2006:015http://www.securityfocus.com/archive/1/420974/100/0/threadedhttp://www.securityfocus.com/bid/16151http://www.vupen.com/english/advisories/2006/0072