Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lee_howard | hylafax+ | 5.5.1 |
| lee_howard | hylafax+ | 5.2.8 |
| lee_howard | hylafax+ | 5.5.0 |
| lee_howard | hylafax+ | 5.2.5 |
| lee_howard | hylafax+ | 5.5.3 |
| lee_howard | hylafax+ | 5.3.0 |
| lee_howard | hylafax+ | 5.2.6 |
| lee_howard | hylafax+ | 5.2.9 |
| lee_howard | hylafax+ | 5.4.2 |
| lee_howard | hylafax+ | 5.4.1 |
| lee_howard | hylafax+ | 5.5.2 |
| lee_howard | hylafax+ | 5.2.7 |
| lee_howard | hylafax+ | 5.2.4 |