Download
| Alert*
oval:org.secpod.oval:def:116040
mgetty is installed oval:org.secpod.oval:def:605212 mgetty is installed oval:org.secpod.oval:def:89002530 This update for mgetty fixes the following issues: - CVE-2018-16741: The function do_activate did not properly sanitize shell metacharacters to prevent command injection - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached it - CVE ... oval:org.secpod.oval:def:116039 The mgetty package contains a "smart" getty which allows logins over a serial line . If you're using a Class 2 or 2.0 modem, mgetty can receive faxes. If you also need to send faxes, you'll need to install the sendfax program. If you'll be dialing in to your system using a mode ... oval:org.secpod.oval:def:89049651 This update for mgetty fixes the following issues: - CVE-2018-16741: The function do_activate did not properly sanitize shell metacharacters to prevent command injection . - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached it . - C ... oval:org.secpod.oval:def:116046 The mgetty package contains a "smart" getty which allows logins over a serial line . If you're using a Class 2 or 2.0 modem, mgetty can receive faxes. If you also need to send faxes, you'll need to install the sendfax program. If you'll be dialing in to your system using a mode ... oval:org.secpod.oval:def:2004857 mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1. oval:org.secpod.oval:def:89050302 This update for mgetty fixes the following issues: - CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan . - Fixed a permission issue which have resulted in build failures . oval:org.secpod.oval:def:89000138 This update for mgetty fixes the following issues: - CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan . oval:org.secpod.oval:def:2004858 mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1. |