RSS   Podatności dla 'Mgetty'   RSS

2008-11-05
 
CVE-2008-4936

CWE-59
 

 
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.

 
2003-08-18
 
CVE-2003-0517

 

 
faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.

 
 
CVE-2003-0516

 

 
cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

 
2003-01-17
 
CVE-2002-1392

 

 
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.

 
 
CVE-2002-1391

 

 
Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.

 
2001-03-12
 
CVE-2001-0141

 

 
mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

 
2000-10-20
 
CVE-2000-0691

 

 
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.

 


Copyright 2024, cxsecurity.com

 

Back to Top