HylaFAX Remote Access Control Bypass

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by an access
control bypass vulnerability.

Description :

The remote host is running HylaFAX, a fax transmission software.

It is reported that HylaFAX is prone to an access control bypass
vulnerability. An attacker, exploiting this flaw, may be able to gain
unauthorized access to the service.

See also :

http://bugs.hylafax.org//show_bug.cgi?id=610

Solution :

Upgrade to version 4.2.1 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 16126 (hylafax_bypass.nasl)

Bugtraq ID: 12227

CVE ID: CVE-2004-1182

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial