HylaFAX is a telecommunication system for UNIX systems. HylaFAX includes a server that can receive requests to send facsimiles from authorized hosts over a network. The server binary, hfaxd, is installed setuid root by default and executable by everyone. 'hfaxd' contains a likely exploitable format string vulnerability involving the use of syslog(). Since 'hfaxd' is installed setuid root and executable by everybody, successful exploitation would provide root access to an attacker.
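A syslog() format string bug of the kind described above arises when externally supplied text is passed as the format argument instead of as data. The C code below is an added example, not HylaFAX source: the function names and the sample string are assumptions made for illustration, and it shows the fixed-format call alongside a small audit helper that counts format directives in untrusted text.

```c
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Risky pattern (shown only in this comment, never compiled):
 *     syslog(LOG_ERR, client_text);   // client_text is parsed as a format
 */

/* Hardened call: the format is a literal, client text is only an argument. */
void log_client_text(const char *client_text)
{
    syslog(LOG_ERR, "%s", client_text);
}

/* Same rule when a message is built in a buffer first. Returns the length
 * snprintf() reports, or a negative value on error. */
int render_client_text(char *out, size_t n, const char *client_text)
{
    return snprintf(out, n, "client said: %s", client_text);
}

/* Audit helper: count printf-style conversion directives in a string.
 * "%%" is a literal percent sign and is not counted. A non-zero result for
 * text that arrived from the network is worth flagging in review or logs. */
size_t count_directives(const char *s)
{
    size_t hits = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent: skip both characters */
            s++;
            continue;
        }
        hits++;
    }
    return hits;
}

int main(void)
{
    const char *sample = "job %x%x%s done 100%%";   /* constructed input */
    char buf[128];

    render_client_text(buf, sizeof buf, sample);
    printf("%s (directives: %zu)\n", buf, count_directives(sample));
    return 0;
}
```

With a literal format the directives in the sample are logged verbatim as text; they are never interpreted.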