[ale] FW: HylaFAX security patch

Bob Toxen bob at verysecurelinux.com
Mon Nov 17 16:04:11 EST 2003


----- Forwarded message from X-Force <xforce at iss.net> -----

To: alert at iss.net
From: X-Force <xforce at iss.net>
Subject: ISS Security Alert Summary AS03-46
List-Subscribe: <https://atla-mm1.iss.net/mailman/listinfo/alert>,
	<mailto:alert-request at iss.net?subject=subscribe>

-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Security Alert Summary AS03-46
November 17, 2003

X-Force Vulnerability and Threat Database:
http://xforce.iss.net/

...

Date Reported:      11/10/2003
Brief Description:  HylaFAX format string attack
Risk Factor:        High
Attack Type:        Network Based
Platforms:          Debian Linux 3.0, HylaFAX 4.1.7, Mandrake Linux
                    9.0, Mandrake Linux 9.1, Mandrake Linux 9.2,
                    Mandrake Linux Corporate Server 2.1, SuSE Linux
                    7.3, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
                    8.2, SuSE Linux 9.0, SuSE Linux Standard Server 8,
                    SuSE Linux Desktop 1.0, SuSE Linux Enterprise
                    Server 7, SuSE Linux Office Server Any version
Vulnerability:      hylafax-format-string
X-Force URL:        http://xforce.iss.net/xforce/xfdb/13642

Btw, in the same email, there were two High risk factor Microsoft
vulnerabilities and two Medium risk factor Microsoft vulnerabilities.

Bob Toxen



More information about the Ale mailing list