Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-16744

Опубликовано: 13 сент. 2018
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:mgetty_project:mgetty:*:*:*:*:*:*:*:*
Версия до 1.2.1 (исключая)

EPSS

Процентиль: 70%
0.00645
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

ubuntu логотип

CVE-2018-16744

CVSS3: 7.8
ubuntu
больше 7 лет назад

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.

redhat логотип

CVE-2018-16744

CVSS3: 4.1
redhat
больше 7 лет назад

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.

debian логотип

CVE-2018-16744

CVSS3: 7.8
debian
больше 7 лет назад

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() i ...

github логотип

GHSA-86wq-gv4v-p8jq

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.

suse-cvrf логотип

openSUSE-SU-2018:3108-1

suse-cvrf
больше 7 лет назад

Security update for mgetty

EPSS

Процентиль: 70%
0.00645
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-78