Lucene search
SuseOPENSUSE-SU-2018:2942-1HistorySep 28, 2018 - 9:08 p.m.
Security update for mgetty (important)
2018-09-2821:08:15
lists.opensuse.org
137
0.001 Low
EPSS
Percentile
40.3%
This update for mgetty fixes the following issues:
- CVE-2018-16741: The function do_activate() did not properly sanitize
shell metacharacters to prevent command injection (bsc#1108752). - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a
buffer
overflow if long untrusted input reached it (bsc#1108756). - CVE-2018-16744: The mail_to parameter was not sanitized, leading to
command injection if untrusted input reached reach it (bsc#1108757). - CVE-2018-16742: Prevent stack-based buffer overflow that could have been
triggered via a command-line parameter (bsc#1108762). - CVE-2018-16743: The command-line parameter username wsa passed
unsanitized to strcpy(), which could have caused a stack-based buffer
overflow (bsc#1108761).
This update was imported from the SUSE:SLE-15:Update update project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.0 | x86_64 | sendfax | < 1.1.37-lp150.2.3.1 | sendfax-1.1.37-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | sendfax-debuginfo | < 1.1.37-lp150.2.3.1 | sendfax-debuginfo-1.1.37-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | mgetty-debugsource | < 1.1.37-lp150.2.3.1 | mgetty-debugsource-1.1.37-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | g3utils-debuginfo | < 1.1.37-lp150.2.3.1 | g3utils-debuginfo-1.1.37-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | mgetty | < 1.1.37-lp150.2.3.1 | mgetty-1.1.37-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | mgetty-debuginfo | < 1.1.37-lp150.2.3.1 | mgetty-debuginfo-1.1.37-lp150.2.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | g3utils | < 1.1.37-lp150.2.3.1 | g3utils-1.1.37-lp150.2.3.1.x86_64.rpm |
Related
openvas
openvas
openSUSE: Security Advisory for mgetty (openSUSE-SU-2018:2942-1)
2018-10-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2979-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for mgetty (openSUSE-SU-2018:3108-1)
2018-10-13 00:00:00
nessus
nessus
SUSE SLES11 Security Update : mgetty (SUSE-SU-2018:2850-1)
2018-09-27 00:00:00
SUSE SLED15 / SLES15 Security Update : mgetty (SUSE-SU-2018:2894-1)
2019-01-02 00:00:00
SUSE SLED12 / SLES12 Security Update : mgetty (SUSE-SU-2018:2979-1)
2018-10-03 00:00:00
zdt
zdt
mgetty 1.2.0 Buffer Overflow / Privilege Escalation Vulnerabilities
2018-09-21 00:00:00
suse
suse
Security update for mgetty (moderate)
2018-10-12 12:10:55
mageia
mageia
Updated mgetty packages fix security vulnerabilities
2018-10-19 21:00:37
rosalinux
rosalinux
Advisory ROSA-SA-2021-1919
2021-07-02 17:29:39
fedora
fedora
[SECURITY] Fedora 28 Update: mgetty-1.1.37-10.fc28
2019-02-27 01:16:25
[SECURITY] Fedora 29 Update: mgetty-1.1.37-11.fc29
2019-02-27 03:29:09
cve
cve
cvelist
cvelist
prion
prion
Stack overflow
2018-09-13 16:29:00
Stack overflow
2018-09-13 16:29:00
Command injection
2018-09-13 16:29:00
nvd
nvd
redhatcve
redhatcve
debiancve
debiancve
ubuntucve
ubuntucve
osv
osv
mgetty - security update
2018-09-11 00:00:00
mgetty - security update
2018-09-12 00:00:00
debian
debian
[SECURITY] [DLA 1502-1] mgetty security update
2018-09-12 06:31:55
[SECURITY] [DSA 4291-1] mgetty security update
2018-09-11 20:03:31
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801r
2018-10-26 21:10:01