HylaFax 4.2.1 and earlier UNIX Domain Socket Ownership Vulnerability

HylaFax 4.2.1 and earlier UNIX Domain Socket Ownership Vulnerability

CVE-2005-3070 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:P

HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file.

Learn more about our User Device Pen Test.