CVE-2006-3126 capi4hylafax

Metadata

high
7.5
capi4hylafax
CVE-2006-3126
2017-06-18 07:03
CVE-2006-3126
2017-06-16 18:46
2017-04-01 19:11
2017-01-05 20:16

Description

c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster capi4hylafax 1:01.03.00.99.svn.300-3
jessie capi4hylafax 1:01.03.00.99.svn.300-3
sid capi4hylafax 1:01.03.00.99.svn.300-3
stretch capi4hylafax 1:01.03.00.99.svn.300-3
wheezy capi4hylafax 1:01.03.00.99.svn.300-3