CVE-2005-3070 Information

Description

HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329384 http://secunia.com/advisories/17107 http://www.mandriva.com/security/advisories?name=MDKSA-2005:177 http://www.securityfocus.com/bid/15043