CVE-2004-1182

Publication date 31 December 2004

Last updated 17 July 2025

Ubuntu priority

Description

hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
hylafax	7.04 feisty	Fixed 4.2.5-1
	6.10 edgy	Fixed 4.2.5-1
	6.06 LTS dapper	Fixed 4.2.5-1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-1182