Mandrake Linux Security Advisory : hylafax (MDKSA-2006:015)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Patrice Fournier discovered that the faxrcvd/notify scripts (executed as
the uucp/fax user) run user-supplied input through eval without any
attempt at sanitising it first. This would allow any user who could
submit jobs to HylaFAX, or who could control (through telco
manipulation) the representation of the callid information presented to
HylaFAX, to run arbitrary commands as the uucp/fax user. (CVE-2005-3539;
only 'notify' is affected in the covered versions)

Updated packages were also reviewed for vulnerability to an issue
where if PAM is disabled, a user could log in with no password.
(CVE-2005-3538)

In addition, some fixes to the packages for permissions, and the
%pre/%post scripts were backported from cooker. (#19679)

The updated packages have been patched to correct these issues.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 20794 (mandrake_MDKSA-2006-015.nasl)

Bugtraq ID:

CVE ID: CVE-2005-3538, CVE-2005-3539
