Mgetty Security Vulnerabilities and Issues — Mgetty CVE List

Lucene search

Gert DoeringMgetty

6 matches found

CVE•added 2008/11/05 3:0 p.m.•46 views

CVE-2008-4936

faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.

6.9CVSS5.9AI score0.00028EPSS

CVE•added 2003/08/18 4:0 a.m.•43 views

CVE-2003-0516

cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

7.5CVSS7.7AI score0.00904EPSS

CVE•added 2000/10/20 4:0 a.m.•40 views

CVE-2000-0691

The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.

2.1CVSS6.7AI score0.00248EPSS

CVE•added 2001/05/07 4:0 a.m.•40 views

CVE-2001-0141

mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

1.2CVSS6.2AI score0.00076EPSS

CVE•added 2004/09/01 4:0 a.m.•40 views

CVE-2002-1391

Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.

7.5CVSS7.9AI score0.03001EPSS

CVE•added 2004/09/01 4:0 a.m.•39 views

CVE-2002-1392

faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.

2.1CVSS6.1AI score0.00078EPSS