Security Advisory

CVE-2018-16741

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-13 16:00:00

Last updated 2024-08-05 10:32:53

Assigner mitre

State PUBLISHED

Description

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.

← Browse all CVEs View on cve.org ↗