CVE-2013-5680

Name of the Vulnerable Software and Affected Versions HylaFAX+ versions 5.2.4 through 5.5.3

Description A heap-based buffer overflow issue exists in the hfaxd component of HylaFAX+ when using LDAP authentication. This could potentially allow remote attackers to cause a denial of service or execute arbitrary code via a long USER command.

Recommendations For HylaFAX+ versions 5.2.4 through 5.5.3, consider disabling LDAP authentication as a temporary workaround until a patch is available. Restrict access to the hfaxd component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.