HylaFAX: hfaxd unauthorized login vulnerability — GLSA 200501-21

HylaFAX is subject to a vulnerability in its username matching code, potentially allowing remote users to bypass access control lists.

Affected packages

Package 	net-misc/hylafax on all architectures
Affected versions 	< 4.2.0-r2
Unaffected versions 	>= 4.2.0-r2

Background

HylaFAX is a software package for sending and receiving facsimile messages.

Description

The code used by hfaxd to match a given username and hostname with an entry in the hosts.hfaxd file is insufficiently protected against malicious entries.

Impact

If the HylaFAX installation uses a weak hosts.hfaxd file, a remote attacker could authenticate using a malicious username or hostname and bypass the intended access restrictions.

Workaround

As a workaround, administrators may consider adding passwords to all entries in the hosts.hfaxd file.

Resolution

All HylaFAX users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-misc/hylafax-4.2.0-r2"

Note: Due to heightened security, weak entries in the hosts.hfaxd file may no longer work. Please see the HylaFAX documentation for details of accepted syntax in the hosts.hfaxd file.
References

    CAN-2004-1182
    HylaFAX Announcement