- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200610-05 (CAPI4Hylafax fax receiver: Execution of arbitrary code)
Lionel Elie Mamane discovered an error in c2faxrecv, which doesn't properly sanitize TSI strings when handling incoming calls.
Impact :
A remote attacker can send null (\\0) and shell metacharacters in the TSI string from an anonymous fax number, leading to the execution of arbitrary code with the rights of the user running c2faxrecv.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top