← voltar
CVE-2018-16741

CVE-2018-16741

EPSS 1.3%
An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.debian.org/debian-lts-announce/2018/09/msg00012.htmlhttps://www.debian.org/security/2018/dsa-4291https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty