CVE-2013-5680

Published Apr 6, 2014

Last updated 7 years ago

Overview

Description: Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A851353B-EF1F-4E9F-ADF4-D6B7714B8A4D"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32B43F2A-9700-4B2C-8F11-E056F4C6B464"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2BD2935-99EC-4382-9C2F-5ABE0E327332"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D068E906-9EFC-4BC8-BF21-BB646DE1FF83"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A29C3F6C-AFB2-4964-B57F-F291D56D8EEA"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C123AE4-626D-4DAA-BC27-43C3AFEE5597"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B366B048-1872-4DE5-9B67-0158CC6634AD"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E08FB8B1-C86E-4D56-B218-01E813D9D730"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36206556-4DE0-4B97-B4CF-10C2CCEC31B6"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF2351B7-70CE-4A70-9511-AA1EFFBC4361"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13364434-3D3F-4F07-8155-BE034A1265F7"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED1E9D6F-A1FC-48F8-8B6B-E97C0ADA4E9F"
          },
          {
            "criteria": "cpe:2.3:a:lee_howard:hylafax\\+:5.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAC95275-A886-4468-85C8-9FC0A5F3C372"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References