CVE-2006-3126

c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null () and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number.

Date published : 2006-09-05

http://www.securityfocus.com/bid/19801

http://www.debian.org/security/2006/dsa-1165