CVE-2013-5680

HylaFAX+ 5.2.4-5.5.3 - Heap-Based Buffer Overflow via Long USER Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-5680. PoCs published by Dennis Jenkins.

AI-analyzed exploit summary This exploit demonstrates a heap-based buffer overflow in HylaFAX+ when LDAP authentication is enabled. The PoC sends a maliciously crafted USER command with excessive data to trigger the overflow, leading to a crash or potential arbitrary code execution.

Description

Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dennis Jenkins · textdoslinux
https://www.exploit-db.com/exploits/28683

This exploit demonstrates a heap-based buffer overflow in HylaFAX+ when LDAP authentication is enabled. The PoC sends a maliciously crafted USER command with excessive data to trigger the overflow, leading to a crash or potential arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: HylaFAX+ versions 5.2.4 through 5.5.3
No auth needed
Prerequisites: HylaFAX+ compiled with LDAP support · LDAP authentication enabled in hfaxd.conf
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory x_refsource_confirm
http://hylafax.sourceforge.net/news/5.5.4.php
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/528943
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/28683
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/62729
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1029119

Scores

EPSS 0.0785
EPSS Percentile 94.0%

Details

CWE
CWE-119
Status published
Products (13)
lee_howard/hylafax\+ 5.2.4
lee_howard/hylafax\+ 5.2.5
lee_howard/hylafax\+ 5.2.6
lee_howard/hylafax\+ 5.2.7
lee_howard/hylafax\+ 5.2.8
lee_howard/hylafax\+ 5.2.9
lee_howard/hylafax\+ 5.3.0
lee_howard/hylafax\+ 5.4.1
lee_howard/hylafax\+ 5.4.2
lee_howard/hylafax\+ 5.5.0
... and 3 more
Published Apr 06, 2014
Tracked Since Feb 18, 2026