SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   HylaFAX Vendors:   Hylafax.org
(Mandrake Issues Fix) HylaFAX Validation Error Lets Remote Users Gain Access
SecurityTracker Alert ID:  1012886
SecurityTracker URL:  http://securitytracker.com/id/1012886
CVE Reference:   CVE-2004-1182   (Links to External Site)
Date:  Jan 13 2005
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.0pl0 - 4.2
Description:   A vulnerability was reported in HylaFAX in the validation of users against the 'hosts.hfaxd' database. A remote user may be able to gain access.

Lee Howard reported that in certain cases, the software incorrectly compares the user-supplied username with an entry in the 'hosts.hfaxd' database. If the username does not contain the '@' character, then hfaxd will authenticate any user from the specified host. A remote user can supply a specially crafted hostname that matches an entry in the database and that (per the 'hosts.hfaxd' database) does not require a password to login to the service.

Impact:   A remote user may be able to gain access to the service.
Solution:   Mandrake has released a fix.

Mandrakelinux 10.0:
ee579763c8d03a6700ed952b9ccec832 10.0/RPMS/hylafax-4.1.8-2.1.100mdk.i586.rpm
342f2d7f890f2b31ef689eb0a308dee4 10.0/RPMS/hylafax-client-4.1.8-2.1.100mdk.i586.rpm
998f0ad4665e364c607fae0d87bf6e63 10.0/RPMS/hylafax-server-4.1.8-2.1.100mdk.i586.rpm
5113375fd58490f64f6b5c0293780a79 10.0/RPMS/libhylafax4.1.1-4.1.8-2.1.100mdk.i586.rpm
996a95af88ca9ab77371448957b7271f 10.0/RPMS/libhylafax4.1.1-devel-4.1.8-2.1.100mdk.i586.rpm
3530b9962aa58309aa59c1fd355d23ac 10.0/SRPMS/hylafax-4.1.8-2.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
8b37c55f1eaadd9c4a0645c43b4ad25c amd64/10.0/RPMS/hylafax-4.1.8-2.1.100mdk.amd64.rpm
cb3290ee2bf666ed51e427e59829459d amd64/10.0/RPMS/hylafax-client-4.1.8-2.1.100mdk.amd64.rpm
05451b45a4036f314933d15b755ea8d7 amd64/10.0/RPMS/hylafax-server-4.1.8-2.1.100mdk.amd64.rpm
35310391ebce8f0a4085ed6b7d2ccd04 amd64/10.0/RPMS/lib64hylafax4.1.1-4.1.8-2.1.100mdk.amd64.rpm
d1b71635033b9e72c86057a0f156c544 amd64/10.0/RPMS/lib64hylafax4.1.1-devel-4.1.8-2.1.100mdk.amd64.rpm
3530b9962aa58309aa59c1fd355d23ac amd64/10.0/SRPMS/hylafax-4.1.8-2.1.100mdk.src.rpm

Mandrakelinux 10.1:
2cbc9e6bd58daf7d2d15f6091416ca23 10.1/RPMS/hylafax-4.2.0-1.1.101mdk.i586.rpm
80cf2d108124ebab09f2d92ffd3e2391 10.1/RPMS/hylafax-client-4.2.0-1.1.101mdk.i586.rpm
b4e98805f61130b91b5cc98ba886af89 10.1/RPMS/hylafax-server-4.2.0-1.1.101mdk.i586.rpm
5afec8caa3b77932c27d032e21a0eeed 10.1/RPMS/libhylafax4.2.0-4.2.0-1.1.101mdk.i586.rpm
e5aafca41da67cacdef699983d81f3f0 10.1/RPMS/libhylafax4.2.0-devel-4.2.0-1.1.101mdk.i586.rpm
1fae0a459f3dce423c904ab262921cba 10.1/SRPMS/hylafax-4.2.0-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
ccfce91efcd9e16651a6bb2995a2cc78 x86_64/10.1/RPMS/hylafax-4.2.0-1.1.101mdk.x86_64.rpm
6fd803abc59ec7d04f289d3aca50bd25 x86_64/10.1/RPMS/hylafax-client-4.2.0-1.1.101mdk.x86_64.rpm
b7ee9463f3bdf38fa1c1f5271d1d4022 x86_64/10.1/RPMS/hylafax-server-4.2.0-1.1.101mdk.x86_64.rpm
394b51eaef66c424ce9d448dd4ab237e x86_64/10.1/RPMS/lib64hylafax4.2.0-4.2.0-1.1.101mdk.x86_64.rpm
75fbf7eb72ba172e204612580e58b2f1 x86_64/10.1/RPMS/lib64hylafax4.2.0-devel-4.2.0-1.1.101mdk.x86_64.rpm
1fae0a459f3dce423c904ab262921cba x86_64/10.1/SRPMS/hylafax-4.2.0-1.1.101mdk.src.rpm

Vendor URL:  www.hylafax.org/ (Links to External Site)
Cause:   Authentication error
Underlying OS:  Linux (Mandriva/Mandrake)
Underlying OS Comments:  10.0, 10.1

Message History:   This archive entry is a follow-up to the message listed below.
Jan 12 2005 HylaFAX Validation Error Lets Remote Users Gain Access



 Source Message Contents

Subject:  [Security Announce] MDKSA-2005:006 - Updated hylafax packages fix


This is a multi-part message in MIME format...

------------=_1105600053-1462-750

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           hylafax
 Advisory ID:            MDKSA-2005:006
 Date:                   January 12th, 2005

 Affected versions:	 10.0, 10.1
 ______________________________________________________________________

 Problem Description:

 Patrice Fournier discovered a vulnerability in the authorization
 sub-system of hylafax.  A local or remote user guessing the contents
 of the hosts.hfaxd database could gain unauthorized access to the
 fax system.
 
 The updated packages are provided to prevent this issue.  Note that
 the packages included with Corporate Server 2.1 do not require this
 fix.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1182
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 ee579763c8d03a6700ed952b9ccec832  10.0/RPMS/hylafax-4.1.8-2.1.100mdk.i586.rpm
 342f2d7f890f2b31ef689eb0a308dee4  10.0/RPMS/hylafax-client-4.1.8-2.1.100mdk.i586.rpm
 998f0ad4665e364c607fae0d87bf6e63  10.0/RPMS/hylafax-server-4.1.8-2.1.100mdk.i586.rpm
 5113375fd58490f64f6b5c0293780a79  10.0/RPMS/libhylafax4.1.1-4.1.8-2.1.100mdk.i586.rpm
 996a95af88ca9ab77371448957b7271f  10.0/RPMS/libhylafax4.1.1-devel-4.1.8-2.1.100mdk.i586.rpm
 3530b9962aa58309aa59c1fd355d23ac  10.0/SRPMS/hylafax-4.1.8-2.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 8b37c55f1eaadd9c4a0645c43b4ad25c  amd64/10.0/RPMS/hylafax-4.1.8-2.1.100mdk.amd64.rpm
 cb3290ee2bf666ed51e427e59829459d  amd64/10.0/RPMS/hylafax-client-4.1.8-2.1.100mdk.amd64.rpm
 05451b45a4036f314933d15b755ea8d7  amd64/10.0/RPMS/hylafax-server-4.1.8-2.1.100mdk.amd64.rpm
 35310391ebce8f0a4085ed6b7d2ccd04  amd64/10.0/RPMS/lib64hylafax4.1.1-4.1.8-2.1.100mdk.amd64.rpm
 d1b71635033b9e72c86057a0f156c544  amd64/10.0/RPMS/lib64hylafax4.1.1-devel-4.1.8-2.1.100mdk.amd64.rpm
 3530b9962aa58309aa59c1fd355d23ac  amd64/10.0/SRPMS/hylafax-4.1.8-2.1.100mdk.src.rpm

 Mandrakelinux 10.1:
 2cbc9e6bd58daf7d2d15f6091416ca23  10.1/RPMS/hylafax-4.2.0-1.1.101mdk.i586.rpm
 80cf2d108124ebab09f2d92ffd3e2391  10.1/RPMS/hylafax-client-4.2.0-1.1.101mdk.i586.rpm
 b4e98805f61130b91b5cc98ba886af89  10.1/RPMS/hylafax-server-4.2.0-1.1.101mdk.i586.rpm
 5afec8caa3b77932c27d032e21a0eeed  10.1/RPMS/libhylafax4.2.0-4.2.0-1.1.101mdk.i586.rpm
 e5aafca41da67cacdef699983d81f3f0  10.1/RPMS/libhylafax4.2.0-devel-4.2.0-1.1.101mdk.i586.rpm
 1fae0a459f3dce423c904ab262921cba  10.1/SRPMS/hylafax-4.2.0-1.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 ccfce91efcd9e16651a6bb2995a2cc78  x86_64/10.1/RPMS/hylafax-4.2.0-1.1.101mdk.x86_64.rpm
 6fd803abc59ec7d04f289d3aca50bd25  x86_64/10.1/RPMS/hylafax-client-4.2.0-1.1.101mdk.x86_64.rpm
 b7ee9463f3bdf38fa1c1f5271d1d4022  x86_64/10.1/RPMS/hylafax-server-4.2.0-1.1.101mdk.x86_64.rpm
 394b51eaef66c424ce9d448dd4ab237e  x86_64/10.1/RPMS/lib64hylafax4.2.0-4.2.0-1.1.101mdk.x86_64.rpm
 75fbf7eb72ba172e204612580e58b2f1  x86_64/10.1/RPMS/lib64hylafax4.2.0-devel-4.2.0-1.1.101mdk.x86_64.rpm
 1fae0a459f3dce423c904ab262921cba  x86_64/10.1/SRPMS/hylafax-4.2.0-1.1.101mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFB5hXxmqjQ0CJFipgRAsKAAJ9BQXhAKBLMQ9rBpe+OfRpNGonKKgCg2NaN
kQcWe5+upOq+jtr7PT1q6NM=
=eiBI
-----END PGP SIGNATURE-----


------------=_1105600053-1462-750
Content-Type: text/plain; name="message.footer"
Content-Disposition: inline; filename="message.footer"
Content-Transfer-Encoding: 8bit

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

------------=_1105600053-1462-750--

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC