Bugzilla – Attachment 27650 Details for
Bug 64550
VUL-0: CVE-2004-1182: hylafax: auth bypass
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
hylafax.patch.maintained
hylafax.patch.maintained (text/plain), 840 bytes, created by
Ludwig Nussel
on 2005-01-14 22:34:02 UTC
(
hide
)
Description:
hylafax.patch.maintained
Filename:
MIME Type:
Creator:
Ludwig Nussel
Created:
2005-01-14 22:34:02 UTC
Size:
840 bytes
patch
obsolete
>DISTRIBUTION: sles8-i386,sles8-slec-i386,sles9-sld-i386 >PACKAGE: hylafax >PACKAGER: kkeil@suse.de >BUGZILLA: 49550 >CATEGORY: security >INDICATIONS: everyone using hylafax should update >CONTRAINDICATIONS: >CD-Produkt-Name: >CD-Produkt-Version: >REQUIRES: >SWAMPID: 94 >DESCRIPTION: >A bug in the authentication code of hfaxd has been fixed that >allowed attackers to gain unauthorized access to the fax system by >guessing the content of the hosts.hfaxd file. > >Please note that entries in hosts.hfaxd that are of the form > > 192.168.0 > username:uid:pass:adminpass > user@host > >will no longer work after this update. Such entries should be >changed into > > 192.168.0.[0-9]+ > username@:uid:pass:adminpass > user@host > >If possible delimiters for the regular expressions should be used: > > @192.168.0.[0-9]+$ > ^username@:uid:pass:adminpass > ^user@host$
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=27650">View the attachment on a separate page</a>.</b>
Actions:
View
Attachments on
bug 64550
:
27335
|
27454
|
27455
|
27649
| 27650