- Home
- CVEs with nessus.description==This update for mgetty fixes the following security issues :
CVE-2018-16741: The function do_activate() did not properly sanitize
shell metacharacters to prevent command injection (bsc#1108752)
CVE-2018-16745: The mail_to parameter was not sanitized, leading to a
buffer overflow if long untrusted input reached it (bsc#1108756)
CVE-2018-16744: The mail_to parameter was not sanitized, leading to
command injection if untrusted input reached reach it (bsc#1108757)
CVE-2018-16742: Prevent stack-based buffer overflow that could have
been triggered via a command-line parameter (bsc#1108762)
CVE-2018-16743: The command-line parameter username wsa passed
unsanitized to strcpy(), which could have caused a stack-based buffer
overflow (bsc#1108761)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top