Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-1182
CVE-2004-1182
Description
hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:hylafax:hylafax:4.1.1:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:hylafax:hylafax:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.1_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:hylafax:hylafax:4.2.0:*:*:*:*:*:*:*
- (no CPE)range: <4.2.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.