This script is Copyright (C) 2006-2011 Tenable Network Security, Inc.
The remote fax server fails to properly validate passwords.
The remote host is running HylaFAX, a fax / pager server application
for Linux / unix.
The version of HylaFAX installed on the remote host does not check
passwords when authenticating users via hfaxd, its fax server. An
attacker can exploit this issue to bypass authentication using a valid
username and gain access to the system.
See also :
Rebuild HylaFAX with PAM support or upgrade to HylaFAX version 4.2.4
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true