Secunia Security Advisory - Mandriva has issued an update for hylafax. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
69ae75502815d96ba904313311d54b2f7676c3aaacdc899196d07a64a73ec911
TITLE:
Mandriva update for hylafax
SECUNIA ADVISORY ID:
SA17107
VERIFY ADVISORY:
http://secunia.com/advisories/17107/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
OPERATING SYSTEM:
Mandrakelinux 10.1
http://secunia.com/product/4198/
Mandrake Corporate Server 2.x
http://secunia.com/product/1222/
DESCRIPTION:
Mandriva has issued an update for hylafax. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
For more information:
SA16906
An incorrect use of Unix domain sockets has also been fixed.
SOLUTION:
Apply updated packages.
Mandrakelinux 10.1:
f7ca9274944776e0c8a697b77cc517ea
10.1/RPMS/hylafax-4.2.0-1.3.101mdk.i586.rpm
c49a39ddf8151f10b06b0ac70dc9c3e8
10.1/RPMS/hylafax-client-4.2.0-1.3.101mdk.i586.rpm
77211d2fe0790d276694b1cf3d2d855c
10.1/RPMS/hylafax-server-4.2.0-1.3.101mdk.i586.rpm
aaaca7a343600961e87f6c6e4ead0c8d
10.1/RPMS/libhylafax4.2.0-4.2.0-1.3.101mdk.i586.rpm
da5bce1b0c53e298dcd7cb5ef0dbab5d
10.1/RPMS/libhylafax4.2.0-devel-4.2.0-1.3.101mdk.i586.rpm
ca2bdc57603dda7f982c59626d9e2a02
10.1/SRPMS/hylafax-4.2.0-1.3.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
35f7d808588e1d9ad5b8de2c9e5c8cb0
x86_64/10.1/RPMS/hylafax-4.2.0-1.3.101mdk.x86_64.rpm
1b8a373e8d1d005b4b14124dba7b5df1
x86_64/10.1/RPMS/hylafax-client-4.2.0-1.3.101mdk.x86_64.rpm
5f169d7d2377d8066e2d13c771d431eb
x86_64/10.1/RPMS/hylafax-server-4.2.0-1.3.101mdk.x86_64.rpm
677f9360dcdfca9f86967ad4c6f738f1
x86_64/10.1/RPMS/lib64hylafax4.2.0-4.2.0-1.3.101mdk.x86_64.rpm
e2185b51d1d9568ccca76e37cd99e98b
x86_64/10.1/RPMS/lib64hylafax4.2.0-devel-4.2.0-1.3.101mdk.x86_64.rpm
ca2bdc57603dda7f982c59626d9e2a02
x86_64/10.1/SRPMS/hylafax-4.2.0-1.3.101mdk.src.rpm
Corporate Server 2.1:
e0e77173d66d6a0c31ffc84cd40a4253
corporate/2.1/RPMS/hylafax-4.1.3-5.3.C21mdk.i586.rpm
6f38a677c369b3a2110bd508a2a439e3
corporate/2.1/RPMS/hylafax-client-4.1.3-5.3.C21mdk.i586.rpm
fce937eeb3257adefe370294bbb8516e
corporate/2.1/RPMS/hylafax-server-4.1.3-5.3.C21mdk.i586.rpm
bfe2fedab3fdbbb726995e4a6e4a93ac
corporate/2.1/RPMS/libhylafax4.1.1-4.1.3-5.3.C21mdk.i586.rpm
c4b2bb4b1ab084a2949a934978a33d7f
corporate/2.1/RPMS/libhylafax4.1.1-devel-4.1.3-5.3.C21mdk.i586.rpm
763f4270d854d27b53c83c378bf81151
corporate/2.1/SRPMS/hylafax-4.1.3-5.3.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
213b760b160484b8e17e5da32f974048
x86_64/corporate/2.1/RPMS/hylafax-4.1.3-5.3.C21mdk.x86_64.rpm
a4069af7c182c925844fcdcbad0b6ad6
x86_64/corporate/2.1/RPMS/hylafax-client-4.1.3-5.3.C21mdk.x86_64.rpm
840537452b7e5dcc83e36d72e5b9071f
x86_64/corporate/2.1/RPMS/hylafax-server-4.1.3-5.3.C21mdk.x86_64.rpm
2897c385ffe1e5c5ee76d01114ad6bee
x86_64/corporate/2.1/RPMS/libhylafax4.1.1-4.1.3-5.3.C21mdk.x86_64.rpm
674cef6c3e5b272e048218eb5e6ca8a2
x86_64/corporate/2.1/RPMS/libhylafax4.1.1-devel-4.1.3-5.3.C21mdk.x86_64.rpm
763f4270d854d27b53c83c378bf81151
x86_64/corporate/2.1/SRPMS/hylafax-4.1.3-5.3.C21mdk.src.rpm
ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2005:177
OTHER REFERENCES:
SA16906:
http://secunia.com/advisories/16906/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------