HylaFAX Remote Access Control Bypass

High Nessus Plugin ID 16126


The remote host contains an application that is affected by an access control bypass vulnerability.


The remote host is running HylaFAX, a fax transmission software.

It is reported that HylaFAX is prone to an access control bypass vulnerability. An attacker, exploiting this flaw, may be able to gain unauthorized access to the service.


Upgrade to version 4.2.1 or later.

See Also


Plugin Details

Severity: High

ID: 16126

File Name: hylafax_bypass.nasl

Version: $Revision: 1.10 $

Type: remote

Family: Misc.

Published: 2005/01/11

Modified: 2014/07/03

Dependencies: 76347

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hylafax:hylafax

Required KB Items: hylafax/installed, hylafax/version, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2004-1182

BID: 12227

OSVDB: 12859