[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4291-1 mgetty -- mgetty

ID: oval:org.secpod.oval:def:603512Date: (C)2018-09-18   (M)2023-07-25
Class: PATCHFamily: unix




Two input sanitization failures have been found in the faxrunq and faxq binaries in mgetty, a smart modem getty replacement. An attacker could leverage them to insert commands via shell metacharacters in jobs id and have them executed with the privilege of the faxrunq/faxq user.

Platform:
Debian 9.x
Product:
mgetty
Reference:
DSA-4291-1
CVE-2018-16741
CVE    1
CVE-2018-16741
CPE    4
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:9.x
cpe:/a:greenie:mgetty
cpe:/o:debian:debian_linux:8.0
...

© SecPod Technologies