Lucene search
+L

262 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 6 : mgetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...

7.8CVSS8.6AI score0.01323EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.14 views

RHEL 5 : mgetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...

7.5AI score0.01323EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.16 views

RHEL 7 : mgetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...

8.5AI score0.01323EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 6 : mgetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...

7.5AI score0.01323EPSS
Exploits4References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.3 views

SUSE CVE-2008-4936

faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp. temporary file...

6.9CVSS6.7AI score0.00415EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.2 views

SUSE CVE-2018-16741

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function doactivate does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or characters within a file created by the "faxq-helper activate " command...

7.3CVSS9.4AI score0.01323EPSS
Exploits2References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.4 views

SUSE CVE-2018-16742

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter...

2.9CVSS7.5AI score0.00448EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.4 views

SUSE CVE-2018-16743

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy, which can cause a stack-based buffer overflow...

2.9CVSS7.3AI score0.00448EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.4 views

SUSE CVE-2018-16744

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...

2.9CVSS7.6AI score0.01034EPSS
Exploits2References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.6 views

SUSE CVE-2018-16745

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it...

2.9CVSS7.4AI score0.00448EPSS
Exploits2References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.3 views

SUSE CVE-2019-1010190

mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1...

2.8CVSS6.8AI score0.00843EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/02/07 12:0 a.m.7 views

The vulnerability of the do_activate() function in the mgetty package allows a hacker to execute arbitrary commands.

The vulnerability of the doactivate function in the mgetty package is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands using symbols like ||, &&, or...

7.8CVSS7.6AI score0.01323EPSS
Exploits2References10Affected Software6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2020-0076)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00835EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2018-0402)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.01323EPSS
Exploits6References4
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for mgetty (EulerOS-SA-2021-2408)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00843EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.21 views

EulerOS 2.0 SP2 : mgetty (EulerOS-SA-2021-2408)

According to the version of the mgetty package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is:...

5.5CVSS5.8AI score0.00843EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2021/07/02 5:29 p.m.20 views

Advisory ROSA-SA-2021-1919

Software: mgetty 1.1.36 OS: Cobalt 7.9 CVE-ID: CVE-2018-16741 CVE-Crit: HIGH CVE-DESC: A problem was found in mgetty before 1.2.1. In the file fax / faxq-helper.c, the doactivate function does not properly handle shell metacharacters to prevent commands from being injected. You can use the...

7.8CVSS7.6AI score0.01323EPSS
Exploits6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2018:2850-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.01323EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2020:0957-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00843EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for mgetty (EulerOS-SA-2021-1818)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00843EPSS
Exploits0References2
Rows per page
Query Builder