Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

HylaFAX < 4.2.2 RC1 xferfaxstats Symlink Arbitrary File Overwrite



The fax server creates temporary files in an insecure manner.


The remote host is running HylaFAX, a fax transmission software. It is reported that HylaFAX is prone to a flaw in the way that it creates temporary files. A local attacker exploiting this flaw would be able to gain access to potentially confidential information or use the flaw to escalate their privileges on the machine.


Upgrade to version 4.2.2 RC1 or higher.