Download
| Alert*
|
oval:org.secpod.oval:def:2000895
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter. oval:org.secpod.oval:def:89043825 This update for mgetty fixes the following security issues: - CVE-2018-16741: The function do_activate did not properly sanitize shell metacharacters to prevent command injection - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached ... oval:org.secpod.oval:def:89002530 This update for mgetty fixes the following issues: - CVE-2018-16741: The function do_activate did not properly sanitize shell metacharacters to prevent command injection - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached it - CVE ... oval:org.secpod.oval:def:89049651 This update for mgetty fixes the following issues: - CVE-2018-16741: The function do_activate did not properly sanitize shell metacharacters to prevent command injection . - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached it . - C ... |
