CVE-2018-16742

Опубликовано: 13 сент. 2018

Источник: redhat

CVSS3: 2.9

EPSS Низкий

Описание

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.

Отчет

This issue did not affect the versions of mgetty as shipped with Red Hat Enterprise Linux 5, 6 and 7 as they did not include the scrts binary, which is found in the contribs directory of the upstream source code.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	mgetty	Not affected
Red Hat Enterprise Linux 6	mgetty	Not affected
Red Hat Enterprise Linux 7	mgetty	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=1629971mgetty: Stack-based buffer overflow in contrib/scrts.c triggered via command line parameter

EPSS

Процентиль: 20%

0.00063

Низкий

2.9 Low

CVSS3

Связанные уязвимости

CVE-2018-16742

CVSS3: 7.8

ubuntu

больше 7 лет назад

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.

CVE-2018-16742

CVSS3: 7.8

nvd

больше 7 лет назад

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.

CVE-2018-16742

CVSS3: 7.8

debian

больше 7 лет назад

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a ...

GHSA-4qch-qm87-8j72

CVSS3: 7.8

github

больше 3 лет назад

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.

openSUSE-SU-2018:3108-1

suse-cvrf

больше 7 лет назад

Security update for mgetty

EPSS

Процентиль: 20%

0.00063

Низкий

2.9 Low

CVSS3