HylaFAX < 4.2.2 RC1 xferfaxstats Symlink Arbitrary File Overwrite
Low Nessus Network Monitor Plugin ID 3236
SynopsisThe fax server creates temporary files in an insecure manner.
DescriptionThe remote host is running HylaFAX, a fax transmission software. It is reported that HylaFAX is prone to a flaw in the way that it creates temporary files. A local attacker exploiting this flaw would be able to gain access to potentially confidential information or use the flaw to escalate their privileges on the machine.
SolutionUpgrade to version 4.2.2 RC1 or higher.