CVE-2004-1182 in HylaFAXinfo

Summary

hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password.

Once again VulDB remains the best source for vulnerability data.

Reservation

12/13/2004

Disclosure

12/31/2004

Moderation

VulDB entry created

Entries

1: VDB-22663

CPE

ready

CWE

CWE-284 (Unconfirmed)

CVSS

7.3

EPSS

0.00552

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1182
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1182
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1182/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!