EUVD-2018-8543

Malware in sbrugna...

SUSE-SU-2018:2979-1 Security update for mgetty

This update for mgetty fixes the following security issues: - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted inp...

SUSE-SU-2018:2894-1 Security update for mgetty

This update for mgetty fixes the following issues: - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752. - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reach...

SUSE-SU-2018:2850-1 Security update for mgetty

This update for mgetty fixes the following issues: - CVE-2018-16741: The function doactivate did not properly sanitize shell metacharacters to prevent command injection bsc1108752 - CVE-2018-16745: The mailto parameter was not sanitized, leading to a buffer overflow if long untrusted input reache...

CVE-2018-16741

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function doactivate does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or characters within a file created by the "faxq-helper activate " command...

CVE-2018-16745

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it...

CVE-2018-16744

An issue was discovered in mgetty before 1.2.1. In faxnotifymail in faxrec.c, the mailto parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used...

DSA-4291-1 mgetty - security update

Bulletin has no description...

CVE-2008-4936

faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp. temporary file...

CVE-2002-1392

faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges...

CVE-2002-1392

faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges...

RHEL 2.1 : mgetty (RHSA-2003:008)

Updated Mgetty packages are now available to fix a possible buffer overflow and a permissions problem. Mgetty is a getty replacement for use with data and fax modems. Mgetty can be configured to run an external program to decide whether or not to answer an incoming call based on Caller ID...

Low: Red Hat Security Advisory: mgetty security update

Updated Mgetty packages are now available to fix a possible buffer overflow and a permissions problem. Mgetty is a getty replacement for use with data and fax modems. Mgetty can be configured to run an external program to decide whether or not to answer an incoming call based on Caller ID...

[SECURITY] [DSA-011-1] New version of mgetty released

Package: mgetty Vulnerability: insecure tempfile Debian-specific: no Immunix reports that mgetty does not create temporary files in a secure manner, which could lead to a symlink attack. This has been corrected in mgetty 1.1.21-3potato1 We recommend you upgrade your mgetty package immediately. wg...