VYPR
Vendor

Gert Doering

Products
1
CVEs
10
Across products
10
Status
Private

Products

1

Recent CVEs

10
  • CVE-2018-16743HigSep 13, 2018
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow.

  • CVE-2003-0517MedAug 18, 2003
    risk 0.36cvss 5.5epss 0.00

    faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.

  • CVE-2000-0691Oct 20, 2000
    risk 0.03cvss epss 0.01

    The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.

  • CVE-2019-1010189Jul 24, 2019
    risk 0.00cvss epss 0.01

    mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1.

  • CVE-2019-1010190Jul 24, 2019
    risk 0.00cvss epss 0.01

    mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is:…

  • CVE-2008-4936Nov 5, 2008
    risk 0.00cvss epss 0.00

    faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.

  • CVE-2003-0516Aug 18, 2003
    risk 0.00cvss epss 0.02

    cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.

  • CVE-2002-1391Jan 17, 2003
    risk 0.00cvss epss 0.04

    Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.

  • CVE-2002-1392Jan 17, 2003
    risk 0.00cvss epss 0.00

    faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.

  • CVE-2001-0141Mar 12, 2001
    risk 0.00cvss epss 0.00

    mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.