Nom du paquet
mgetty
Date
2003-05-07
Advisory ID
MDKSA-2003:053-1
Affected versions
8.2 i586 , 8.2 i586

Problem description

Two vulnerabilities were discovered in mgetty versions prior to 1.1.29. An internal buffer could be overflowed if the caller name reported by the modem, via Caller ID information, was too long. As well, the faxspool script that comes with mgetty used a simple permissions scheme to allow or deny fax transmission privileges. Because the spooling directory used for outgoing faxes was world-writeable, this scheme was easily circumvented. Update: The installation of mgetty-sendfax on Mandrake Linux 8.2 relied on macros that are not existant, which would result in fresh installs of mgetty-sendfax being unable to work. Updated packages for 8.2 correct this.

Updated packages

8.2 i586

 e6bfe82a11287a2cb6a33b267d578a28  ppc/8.2/RPMS/mgetty-1.1.30-1.2mdk.ppc.rpm
afafa46f8bfdda0cdea5be883ae7ba1a  ppc/8.2/RPMS/mgetty-contrib-1.1.30-1.2mdk.ppc.rpm
db2c3ad5d767577411aabe33040a8224  ppc/8.2/RPMS/mgetty-sendfax-1.1.30-1.2mdk.ppc.rpm
90c5adc97c160d6034d84b12b2bf3014  ppc/8.2/RPMS/mgetty-viewfax-1.1.30-1.2mdk.ppc.rpm
c621573e0b7b8d0f467eed3e4386f296  ppc/8.2/RPMS/mgetty-voice-1.1.30-1.2mdk.ppc.rpm
e04ba32a7b415933e54eb6badbb3d0e4  ppc/8.2/SRPMS/mgetty-1.1.30-1.2mdk.src.rpm

8.2 i586

 b11724ad344935ed995a7c7afaf349c1  8.2/RPMS/mgetty-1.1.30-1.2mdk.i586.rpm
f6b170a0d412f4e7bba649415c372c1a  8.2/RPMS/mgetty-contrib-1.1.30-1.2mdk.i586.rpm
75c04b1e29432e07013401d53c3c88f2  8.2/RPMS/mgetty-sendfax-1.1.30-1.2mdk.i586.rpm
f6994f1acdba19440f9ccc93eb04a5cc  8.2/RPMS/mgetty-viewfax-1.1.30-1.2mdk.i586.rpm
e90229836bd2358ded66de2804f3a2b0  8.2/RPMS/mgetty-voice-1.1.30-1.2mdk.i586.rpm
e04ba32a7b415933e54eb6badbb3d0e4  8.2/SRPMS/mgetty-1.1.30-1.2mdk.src.rpm

References