Bugtraq mailing list archives
hylafax
From: christer.oberg () gmx net
Date: Sun, 23 Sep 2001 11:50:45 +0200 (MEST)
There are some format string vulnerabilities in the latest hylafax package. Try faxrm -h %x 1 or faxalter -h %x -D 1 for "proof of concept". Both faxrm and faxalter are installed setuid uucp on FreeBSD (installed from the ports collection). uid uucp is not that exciting, but with some luck you'll find uucp-owned binaries running from cron with uid 0.

--
Sent through GMX FreeMail - http://www.gmx.net
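The class of bug reported above, shown as an added example that is not part of the original post and is not HylaFAX source: a host argument that ends up in the format position of a printf-style helper, next to the corrected call. The helper report(), the message text, and the function names are hypothetical, and the '%' filter assumes host values never legitimately contain that character.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style error helper (not HylaFAX code). It writes into
 * `out` so callers can inspect the result. Declaring it with
 * __attribute__((format(printf, 3, 4))) would let gcc/clang
 * -Wformat-security flag the unsafe call below at compile time. */
static int report(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return r;
}

/* Vulnerable pattern: the -h value is pasted into a message that is then
 * used as the format, so "%x" in it is interpreted as a directive. */
int host_error_unsafe(char *out, size_t n, const char *host)
{
    char msg[256];
    snprintf(msg, sizeof msg, "%s: cannot contact host", host);
    return report(out, n, msg);
}

/* Hardened form: constant format string, host passed only as data. */
int host_error_safe(char *out, size_t n, const char *host)
{
    return report(out, n, "%s: cannot contact host", host);
}

/* Defence in depth for a setuid client: reject a host value containing '%'
 * before it reaches any formatting code. Returns 1 if acceptable. */
int host_arg_ok(const char *host)
{
    return host != NULL && host[0] != '\0' && strchr(host, '%') == NULL;
}

int main(void)
{
    char out[256];
    const char *host = "%x";   /* constructed input, as in the post */
    host_error_safe(out, sizeof out, host);
    printf("safe:   %s\n", out);
    printf("accept: %d\n", host_arg_ok(host));
    return 0;
}
```

With the constant format string the %x is echoed back literally; in the unsafe form it is consumed as a conversion, which is the behaviour the post's test arguments expose.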
Current thread:
- hylafax christer . oberg (Sep 24)
- Re: hylafax Robert van der Meulen (Sep 24)
- Re: hylafax KF (Sep 24)