23 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-16744
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if...
RHEL 7 : mgetty (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...
RHEL 5 : mgetty (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...
RHEL 6 : mgetty (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...
RHEL 5 : mgetty (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...
Mageia: Security Advisory (MGASA-2018-0402)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mgetty (EulerOS-SA-2020-2368)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mgetty (EulerOS-SA-2020-2257)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mgetty (EulerOS-SA-2020-2140)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : mgetty (openSUSE-2019-737)
This update for mgetty fixes the following issues : - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752. - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input...
SUSE SLED15 / SLES15 Security Update : mgetty (SUSE-SU-2018:2894-1)
This update for mgetty fixes the following issues : CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752. CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reached ...
Updated mgetty packages fix security vulnerabilities
Updated mgetty packages fix security vulnerabilities: The function doactivate did not properly sanitize shell metacharacters to prevent command injection CVE-2018-16741. Stack-based buffer overflow that could have been triggered via a command-line parameter CVE-2018-16742. The command-line...
openSUSE Security Update : mgetty (openSUSE-2018-1144)
This update for mgetty fixes the following issues : - CVE-2018-16741: Fixed a command injection in fax/faxq-helper.c boo1108752 - CVE-2018-16742: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter boo1108762 - CVE-2018-16743: Stack-based buffer overflow with long...
Security update for mgetty (moderate)
This update for mgetty fixes the following issues: - CVE-2018-16741: Fixed a command injection in fax/faxq-helper.c boo1108752 - CVE-2018-16742: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter boo1108762 - CVE-2018-16743: Stack-based buffer overflow with long...
SUSE SLED12 / SLES12 Security Update : mgetty (SUSE-SU-2018:2979-1)
This update for mgetty fixes the following security issues : CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input...
SUSE-SU-2018:2979-1 Security update for mgetty
This update for mgetty fixes the following security issues: - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted inp...
openSUSE Security Update : mgetty (openSUSE-2018-1080)
This update for mgetty fixes the following issues : - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752. - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input...
Security update for mgetty (important)
This update for mgetty fixes the following issues: - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752. - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reach...
SUSE SLES11 Security Update : mgetty (SUSE-SU-2018:2850-1)
This update for mgetty fixes the following issues : CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reached i...
CVE-2018-16744
An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...