CVE-2005-3539
CVE-2005-3539
Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/27032não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=719http://secunia.com/advisories/18314http://secunia.com/advisories/18337http://secunia.com/advisories/18366http://secunia.com/advisories/18489http://www.debian.org/security/2005/dsa-933http://www.gentoo.org/security/en/glsa/glsa-200601-03.xmlhttp://www.hylafax.org/content/HylaFAX_4.2.4_releasehttp://www.mandriva.com/security/advisories?name=MDKSA-2006:015http://www.securityfocus.com/archive/1/420974/100/0/threadedhttp://www.securityfocus.com/bid/16151http://www.vupen.com/english/advisories/2006/0072