Lucene search
+L

262 matches found

NVD
NVD
added 2018/09/13 4:29 p.m.13 views

CVE-2018-16741

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function doactivate does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or characters within a file created by the "faxq-helper activate " command...

7.8CVSS7.8AI score0.01323EPSS
Exploits2References3
OSV
OSV
added 2018/09/13 4:29 p.m.5 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7.7AI score
Exploits0References1
OSV
OSV
added 2018/09/13 4:29 p.m.2 views

DEBIAN-CVE-2018-16741

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function doactivate does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or characters within a file created by the "faxq-helper activate " command...

7.8CVSS7.7AI score0.01323EPSS
Exploits2References1
OSV
OSV
added 2018/09/13 4:29 p.m.5 views

UBUNTU-CVE-2018-16743

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

7.8CVSS7.2AI score0.00448EPSS
Exploits2References3
OSV
OSV
added 2018/09/13 4:29 p.m.3 views

DEBIAN-CVE-2018-16743

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

7.8CVSS7.3AI score0.00448EPSS
Exploits2References1
OSV
OSV
added 2018/09/13 4:29 p.m.1 views

DEBIAN-CVE-2018-16744

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...

7.8CVSS6AI score0.01034EPSS
Exploits2References1
OSV
OSV
added 2018/09/13 4:29 p.m.4 views

UBUNTU-CVE-2018-16744

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...

7.8CVSS6.7AI score0.01034EPSS
Exploits2References3
OSV
OSV
added 2018/09/13 4:29 p.m.3 views

UBUNTU-CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7AI score0.00448EPSS
Exploits2References3
OSV
OSV
added 2018/09/13 4:29 p.m.3 views

UBUNTU-CVE-2018-16745

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it...

7.8CVSS7AI score0.00448EPSS
Exploits2References3
OSV
OSV
added 2018/09/13 4:29 p.m.7 views

CVE-2018-16745

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it...

7.8CVSS7.7AI score
Exploits0References1
Cvelist
Cvelist
added 2018/09/13 4:0 p.m.23 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.6AI score0.00448EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/09/13 4:0 p.m.21 views

CVE-2018-16745

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it...

7.7AI score0.00448EPSS
Exploits2References1
CVE
CVE
added 2018/09/13 4:0 p.m.60 views

CVE-2018-16744

Summary: CVE-2018-16744 affects mgetty before 1.2.1. In fax_notify_mail() (faxrec.c), the mail_to parameter is not sanitized, and because popen is used, untrusted input could trigger a command injection. The issue is documented across multiple advisories (e.g., Red Hat open/unpatched statuses) an...

7.8CVSS7.7AI score0.01034EPSS
Exploits2References1Affected Software1
Debian CVE
Debian CVE
added 2018/09/13 4:0 p.m.65 views

CVE-2018-16745

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it...

7.8CVSS7.8AI score0.00448EPSS
Exploits2
CVE
CVE
added 2018/09/13 4:0 p.m.71 views

CVE-2018-16745

CVE-2018-16745 concerns mgetty before 1.2.1. In fax_notify_mail()’s faxrec.c, the mail_to parameter is not sanitized, which could allow a buffer overflow if long untrusted input reaches it. This is the root cause and potential impact described in the public CVE entry. The connected documents conf...

7.8CVSS7.6AI score0.00448EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/09/13 4:0 p.m.58 views

CVE-2018-16743

CVE-2018-16743 affects mgetty prior to 1.2.1. In contrib/next-login/login.c, the username command-line parameter is passed unsanitized to strcpy(), causing a stack-based buffer overflow. This is a local vulnerability with potential partial confidentiality/integrity/availability impact. Mitigation...

7.8CVSS7.3AI score0.00448EPSS
Exploits2References1Affected Software1
Debian CVE
Debian CVE
added 2018/09/13 4:0 p.m.44 views

CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

7.8CVSS7.7AI score0.00448EPSS
Exploits2
CVE
CVE
added 2018/09/13 4:0 p.m.60 views

CVE-2018-16742

CVE-2018-16742 affects mgetty prior to 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered by a command-line parameter, enabling potential memory corruption. Affected versions are older than 1.2.1; mitigation is to upgrade to 1.2.1 or later (as reflected in vendor advisories...

7.8CVSS7.5AI score0.00448EPSS
Exploits2References1Affected Software1
Debian CVE
Debian CVE
added 2018/09/13 4:0 p.m.37 views

CVE-2018-16743

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

7.8CVSS7.5AI score0.00448EPSS
Exploits2
Cvelist
Cvelist
added 2018/09/13 4:0 p.m.17 views

CVE-2018-16743

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

7.4AI score0.00448EPSS
Exploits2References1
Rows per page
Query Builder