Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:2894-1

Опубликовано: 27 сент. 2018
Источник: suse-cvrf

Описание

Security update for mgetty

This update for mgetty fixes the following issues:

  • CVE-2018-16741: The function do_activate() did not properly sanitize shell metacharacters to prevent command injection (bsc#1108752).
  • CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached it (bsc#1108756).
  • CVE-2018-16744: The mail_to parameter was not sanitized, leading to command injection if untrusted input reached reach it (bsc#1108757).
  • CVE-2018-16742: Prevent stack-based buffer overflow that could have been triggered via a command-line parameter (bsc#1108762).
  • CVE-2018-16743: The command-line parameter username wsa passed unsanitized to strcpy(), which could have caused a stack-based buffer overflow (bsc#1108761).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15
g3utils-1.1.37-3.3.2
mgetty-1.1.37-3.3.2

Ссылки

Описание

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:g3utils-1.1.37-3.3.2
SUSE Linux Enterprise Module for Basesystem 15:mgetty-1.1.37-3.3.2
Ссылки

Описание

An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:g3utils-1.1.37-3.3.2
SUSE Linux Enterprise Module for Basesystem 15:mgetty-1.1.37-3.3.2
Ссылки

Описание

An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:g3utils-1.1.37-3.3.2
SUSE Linux Enterprise Module for Basesystem 15:mgetty-1.1.37-3.3.2
Ссылки

Описание

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:g3utils-1.1.37-3.3.2
SUSE Linux Enterprise Module for Basesystem 15:mgetty-1.1.37-3.3.2
Ссылки

Описание

An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:g3utils-1.1.37-3.3.2
SUSE Linux Enterprise Module for Basesystem 15:mgetty-1.1.37-3.3.2
Ссылки