Gert Doering : Security Vulnerabilities, CVEs, CVSS score >= 3
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/faxsp.##### temporary file.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-11-05
Updated
2017-08-08
faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.
Max CVSS
5.5
EPSS Score
0.04%
Published
2003-08-18
Updated
2024-01-26
cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings.
Max CVSS
7.5
EPSS Score
0.19%
Published
2003-08-18
Updated
2008-09-10
Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.
Max CVSS
7.5
EPSS Score
6.83%
Published
2003-01-17
Updated
2017-10-10
4 vulnerabilities found