Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:006: hylafax Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the hylafax package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:006 (hylafax).
Patrice Fournier discovered a vulnerability in the authorization sub-system of
hylafax. A local or remote user guessing the contents of the hosts.hfaxd
database could gain unauthorized access to the fax system.
The updated packages are provided to prevent this issue. Note that the packages
included with Corporate Server 2.1 do not require this fix.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:006
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.