MDKSA-2003:053-1
- Package name
- mgetty
- Date
- 2003-05-07
- Advisory ID
- MDKSA-2003:053-1
- Affected versions
- 8.2 i586 , 8.2 i586
Problem description
Two vulnerabilities were discovered in mgetty versions prior to 1.1.29. An internal buffer could be overflowed if the caller name reported by the modem, via Caller ID information, was too long. As well, the faxspool script that comes with mgetty used a simple permissions scheme to allow or deny fax transmission privileges. Because the spooling directory used for outgoing faxes was world-writeable, this scheme was easily circumvented. Update: The installation of mgetty-sendfax on Mandrake Linux 8.2 relied on macros that are not existant, which would result in fresh installs of mgetty-sendfax being unable to work. Updated packages for 8.2 correct this.
Updated packages
8.2 i586
e6bfe82a11287a2cb6a33b267d578a28 ppc/8.2/RPMS/mgetty-1.1.30-1.2mdk.ppc.rpm afafa46f8bfdda0cdea5be883ae7ba1a ppc/8.2/RPMS/mgetty-contrib-1.1.30-1.2mdk.ppc.rpm db2c3ad5d767577411aabe33040a8224 ppc/8.2/RPMS/mgetty-sendfax-1.1.30-1.2mdk.ppc.rpm 90c5adc97c160d6034d84b12b2bf3014 ppc/8.2/RPMS/mgetty-viewfax-1.1.30-1.2mdk.ppc.rpm c621573e0b7b8d0f467eed3e4386f296 ppc/8.2/RPMS/mgetty-voice-1.1.30-1.2mdk.ppc.rpm e04ba32a7b415933e54eb6badbb3d0e4 ppc/8.2/SRPMS/mgetty-1.1.30-1.2mdk.src.rpm
8.2 i586
b11724ad344935ed995a7c7afaf349c1 8.2/RPMS/mgetty-1.1.30-1.2mdk.i586.rpm f6b170a0d412f4e7bba649415c372c1a 8.2/RPMS/mgetty-contrib-1.1.30-1.2mdk.i586.rpm 75c04b1e29432e07013401d53c3c88f2 8.2/RPMS/mgetty-sendfax-1.1.30-1.2mdk.i586.rpm f6994f1acdba19440f9ccc93eb04a5cc 8.2/RPMS/mgetty-viewfax-1.1.30-1.2mdk.i586.rpm e90229836bd2358ded66de2804f3a2b0 8.2/RPMS/mgetty-voice-1.1.30-1.2mdk.i586.rpm e04ba32a7b415933e54eb6badbb3d0e4 8.2/SRPMS/mgetty-1.1.30-1.2mdk.src.rpm