CVE-2004-1182 - Unspecified vulnerability in Hylafax
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL

Summary
hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password.
Vulnerable Configurations

Part | Description | Count
---|---|---
Application | | 11
Nessus

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-634.NASL
description: Patrice Fournier discovered a vulnerability in the authorisation subsystem of hylafax, a flexible client/server fax system. A local or remote user guessing the contents of the hosts.hfaxd database could gain unauthorised access to the fax system. Some installations of hylafax may actually utilise the weak hostname and username validation for authorized uses. For example, hosts.hfaxd entries that may be common are
    192.168.0
    username:uid:pass:adminpass
    user@host
After updating, these entries will need to be modified in order to continue to function. Respectively, the correct entries should be
    192.168.0.[0-9]+
    username@:uid:pass:adminpass
    user@host
Unless such matching of
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 16131
published: 2005-01-12
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/16131
title: Debian DSA-634-1 : hylafax - weak hostname and username validation

NASL family: Gentoo Local Security Checks
NASL id: GENTOO_GLSA-200501-21.NASL
description: The remote host is affected by the vulnerability described in GLSA-200501-21 (HylaFAX: hfaxd unauthorized login vulnerability). The code used by hfaxd to match a given username and hostname with an entry in the hosts.hfaxd file is insufficiently protected against malicious entries. Impact: If the HylaFAX installation uses a weak hosts.hfaxd file, a remote attacker could authenticate using a malicious username or hostname and bypass the intended access restrictions. Workaround: As a workaround, administrators may consider adding passwords to all entries in the hosts.hfaxd file.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 16412
published: 2005-02-14
reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/16412
title: GLSA-200501-21 : HylaFAX: hfaxd unauthorized login vulnerability

NASL family: FreeBSD Local Security Checks
NASL id: FREEBSD_PKG_8EABAAD9641F11D992A7000A95BC6FAE.NASL
description: A flaw in HylaFAX may allow an attacker to bypass normal authentication by spoofing their DNS PTR records.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 19027
published: 2005-07-13
reporter: This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/19027
title: FreeBSD : hylafax -- unauthorized login vulnerability (8eabaad9-641f-11d9-92a7-000a95bc6fae)

NASL family: Mandriva Local Security Checks
NASL id: MANDRAKE_MDKSA-2005-006.NASL
description: Patrice Fournier discovered a vulnerability in the authorization sub-system of hylafax. A local or remote user guessing the contents of the hosts.hfaxd database could gain unauthorized access to the fax system. The updated packages are provided to prevent this issue. Note that the packages included with Corporate Server 2.1 do not require this fix.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 16157
published: 2005-01-13
reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/16157
title: Mandrake Linux Security Advisory : hylafax (MDKSA-2005:006)

NASL family: Misc.
NASL id: HYLAFAX_BYPASS.NASL
description: The remote host is running HylaFAX, a fax transmission software. It is reported that HylaFAX is prone to an access control bypass vulnerability. An attacker, exploiting this flaw, may be able to gain unauthorized access to the service.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 16126
published: 2005-01-11
reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/16126
title: HylaFAX Remote Access Control Bypass
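The DSA-634 text quoted above shows why the "weak" entries are dangerous: each client field of hosts.hfaxd is a regular expression, and before 4.2.1 a crafted username or hostname only had to contain a substring that the expression matched. The following Python script is an added illustration, not HylaFAX's own code: it models an unanchored substring lookup of "user@host" against the weak entries from the advisory, beside a hardened lookup that requires each pattern to match the whole user or host part (the exact hardened semantics are an assumption chosen to be consistent with the corrected entries in DSA-634). The three crafted identities, the entry files and the "no password required when the passwd field is empty" reading are constructed sample data.

```python
import re

# Constructed sample hosts.hfaxd files, using the entries quoted in DSA-634.
# Each line is client[:uid[:passwd[:adminwd]]]; the client field is a regular
# expression.  For this illustration an empty or absent passwd field is taken
# to mean that no password is asked for (assumption, matching the GLSA
# workaround of adding passwords to every entry).
WEAK_HOSTS_HFAXD = """\
192.168.0
username:uid:pass:adminpass
user@host
"""

FIXED_HOSTS_HFAXD = """\
192.168.0.[0-9]+
username@:uid:pass:adminpass
user@host
"""


def parse_hosts_hfaxd(text):
    """Return a list of (client_pattern, password_required) tuples."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        passwd = fields[2] if len(fields) > 2 else ""
        entries.append((fields[0], passwd != ""))
    return entries


def weak_lookup(entries, user, host):
    """Model of the pre-4.2.1 behaviour: the entry's regular expression is
    searched for anywhere inside "user@host", unanchored, so any substring
    match (and any '.' wildcard) wins.  Returns the first hit or None."""
    ident = f"{user}@{host}"
    for client, needs_pw in entries:
        if re.search(client, ident):
            return (client, needs_pw)
    return None


def strict_lookup(entries, user, host):
    """Hardened model (assumed semantics, not HylaFAX's code): a pattern with
    an '@' is split into a user part and a host part, each of which must match
    its side of the identity completely (an empty host part means any host);
    a pattern without '@' must match the whole host."""
    for client, needs_pw in entries:
        if "@" in client:
            user_pat, host_pat = client.split("@", 1)
            user_ok = re.fullmatch(user_pat, user) is not None
            host_ok = host_pat == "" or re.fullmatch(host_pat, host) is not None
            if user_ok and host_ok:
                return (client, needs_pw)
        elif re.fullmatch(client, host):
            return (client, needs_pw)
    return None


# Constructed client identities: one legitimate LAN user and three crafted ones.
CASES = {
    "lan_user": ("alice", "192.168.0.5"),
    # crafted username that satisfies the address pattern from any host
    "crafted_username": ("192.168.0", "203.0.113.7"),
    # crafted hostname (attacker-controlled PTR) carrying the address prefix
    "crafted_ptr": ("bob", "192.168.0.attacker.example"),
    # crafted user and host so that "user@host" appears as a substring
    "crafted_pair": ("superuser", "hostmaster.attacker.example"),
}


def compare(case):
    """Return (weak_result, strict_result) for one named identity."""
    user, host = CASES[case]
    weak = weak_lookup(parse_hosts_hfaxd(WEAK_HOSTS_HFAXD), user, host)
    strict = strict_lookup(parse_hosts_hfaxd(FIXED_HOSTS_HFAXD), user, host)
    return weak, strict


if __name__ == "__main__":
    for name in CASES:
        w, s = compare(name)
        print(f"{name:18s} weak={w}  strict={s}")
```

Under the weak lookup all three crafted identities land on an entry with no password, because "192.168.0" is found inside "192.168.0@203.0.113.7" and inside "bob@192.168.0.attacker.example", and "user@host" is a substring of "superuser@hostmaster.attacker.example"; the legitimate LAN client is the only identity the anchored lookup still accepts. This is also why the corrected entries in DSA-634 spell out "192.168.0.[0-9]+" and "username@": once patterns must match the whole component, the old abbreviated forms stop matching anything.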