Errata ALT-PU-2020-3522-1: Information
Fixes
Published: Sept. 13, 2018
BDU:2018-01132
Уязвимость функции fax_notify_mail пакета mgetty операционных систем Red Hat Enterprise Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (2.9) Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Links:
Published: Sept. 11, 2018
BDU:2022-00618
Уязвимость функции do_activate() пакета mgetty, позволяющая нарушителю выполнить произвольные команды
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 13, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-16741
An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 13, 2018
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2018-16742
An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 13, 2018
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2018-16743
An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 13, 2018
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2018-16744
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 13, 2018
Modified: Nov. 1, 2018
Modified: Nov. 1, 2018
CVE-2018-16745
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 24, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-1010189
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: July 24, 2019
Modified: April 12, 2020
Modified: April 12, 2020
CVE-2019-1010190
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links: