In HylaFAX+ up to and including 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hylafax\\+ project hylafax\\+ |
||
ifax hylafax enterprise - |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
opensuse leap 15.1 |
||
opensuse backports sle 15.0 |
||
opensuse leap 15.2 |