ID CVE-2018-16741
Summary An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Last major update 13-09-2018 - 12:29
Published 13-09-2018 - 12:29
Last modified 13-09-2018 - 12:29
Back to Top