Vulnerability Details CVE-2020-15396
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00054.html
- https://bugzilla.suse.com/show_bug.cgi?id=1173521
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J52QFVREJWJ35YSEEDDRMZQ2LM2H2WE6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y46FOVJUS5SO44A2VEKR7DXEHTI4WK5L/
- https://security.gentoo.org/glsa/202007-06
- https://sourceforge.net/p/hylafax/HylaFAX+/2534/
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00054.html
- https://bugzilla.suse.com/show_bug.cgi?id=1173521
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J52QFVREJWJ35YSEEDDRMZQ2LM2H2WE6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y46FOVJUS5SO44A2VEKR7DXEHTI4WK5L/
- https://security.gentoo.org/glsa/202007-06
- https://sourceforge.net/p/hylafax/HylaFAX+/2534/
Products affected by CVE-2020-15396
-
cpe:2.3:a:hylafax+_project:hylafax+:5.1.12
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.0
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.1
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.2
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.3
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.4
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.5
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.6
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.7
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.8
-
cpe:2.3:a:hylafax+_project:hylafax+:5.2.9
-
cpe:2.3:a:hylafax+_project:hylafax+:5.3.0
-
cpe:2.3:a:hylafax+_project:hylafax+:5.4.1
-
cpe:2.3:a:hylafax+_project:hylafax+:5.4.2
-
cpe:2.3:a:hylafax+_project:hylafax+:5.4.3
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.0
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.1
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.2
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.3
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.4
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.5
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.6
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.7
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.8
-
cpe:2.3:a:hylafax+_project:hylafax+:5.5.9
-
cpe:2.3:a:hylafax+_project:hylafax+:5.6.0
-
cpe:2.3:a:hylafax+_project:hylafax+:5.6.1
-
cpe:2.3:a:hylafax+_project:hylafax+:7.0.0
-
cpe:2.3:a:hylafax+_project:hylafax+:7.0.1
-
cpe:2.3:a:ifax:hylafax_enterprise:-
-
cpe:2.3:a:opensuse:backports_sle:15.0
-
cpe:2.3:o:fedoraproject:fedora:31
-
cpe:2.3:o:fedoraproject:fedora:32
-
cpe:2.3:o:opensuse:leap:15.1
-
cpe:2.3:o:opensuse:leap:15.2