Advisories
Mandriva Advisories
|
 |
| Problem Description |
Two vulnerabilities were discovered in mgetty versions prior to 1.1.29.
An internal buffer could be overflowed if the caller name reported by
the modem, via Caller ID information, was too long. As well, the
faxspool script that comes with mgetty used a simple permissions scheme
to allow or deny fax transmission privileges. Because the spooling
directory used for outgoing faxes was world-writeable, this scheme was
easily circumvented.
| Updated Packages |
Mandrakelinux 8.2
330becd354c24f1f162a458d51136dde 8.2/RPMS/mgetty-1.1.30-1.1mdk.i586.rpm 6e6a0b1de014ae355e0388c7bc16e552 8.2/RPMS/mgetty-contrib-1.1.30-1.1mdk.i586.rpm 690d8229e630db08ffb618951a43753a 8.2/RPMS/mgetty-sendfax-1.1.30-1.1mdk.i586.rpm d7675aafd5b83feb50b66a7883b9986c 8.2/RPMS/mgetty-viewfax-1.1.30-1.1mdk.i586.rpm 57de8b1c9976c50e8ed20850745515e8 8.2/RPMS/mgetty-voice-1.1.30-1.1mdk.i586.rpm 5437feaca7e6119e52264e864865c8b2 8.2/SRPMS/mgetty-1.1.30-1.1mdk.src.rpm
Mandrakelinux 8.2/PPC
76de414b985ba201c0ccf465370bf426 ppc/8.2/RPMS/mgetty-1.1.30-1.1mdk.ppc.rpm 652f6653cf01b6a95e2254fb96fcec6c ppc/8.2/RPMS/mgetty-contrib-1.1.30-1.1mdk.ppc.rpm 7b81ccbc5d7c1f8c53a7db8ad0fc5163 ppc/8.2/RPMS/mgetty-sendfax-1.1.30-1.1mdk.ppc.rpm fbcf6dfba626046ccf48fcf6a20e0dc4 ppc/8.2/RPMS/mgetty-viewfax-1.1.30-1.1mdk.ppc.rpm 76a969d0af7df4c32484fe47932029e6 ppc/8.2/RPMS/mgetty-voice-1.1.30-1.1mdk.ppc.rpm 5437feaca7e6119e52264e864865c8b2 ppc/8.2/SRPMS/mgetty-1.1.30-1.1mdk.src.rpm
Mandrakelinux 9.0
5e1ede90ae8b7a1d85ee4401457c9978 9.0/RPMS/mgetty-1.1.30-1.1mdk.i586.rpm 1eee1e82acf1916394d0c2feb2f5c8ca 9.0/RPMS/mgetty-contrib-1.1.30-1.1mdk.i586.rpm e3584c7dc00fc6b1a035f4023863055b 9.0/RPMS/mgetty-sendfax-1.1.30-1.1mdk.i586.rpm f8a9d43f3026ab0bb6907b85935a8264 9.0/RPMS/mgetty-viewfax-1.1.30-1.1mdk.i586.rpm f348c6ca71a6db759524036db48d0478 9.0/RPMS/mgetty-voice-1.1.30-1.1mdk.i586.rpm 5437feaca7e6119e52264e864865c8b2 9.0/SRPMS/mgetty-1.1.30-1.1mdk.src.rpm
Multi Network Firewall 8.2
330becd354c24f1f162a458d51136dde mnf8.2/RPMS/mgetty-1.1.30-1.1mdk.i586.rpm 6e6a0b1de014ae355e0388c7bc16e552 mnf8.2/RPMS/mgetty-contrib-1.1.30-1.1mdk.i586.rpm 5437feaca7e6119e52264e864865c8b2 mnf8.2/SRPMS/mgetty-1.1.30-1.1mdk.src.rpm
Corporate Server 2.1
5e1ede90ae8b7a1d85ee4401457c9978 corporate/2.1/RPMS/mgetty-1.1.30-1.1mdk.i586.rpm 1eee1e82acf1916394d0c2feb2f5c8ca corporate/2.1/RPMS/mgetty-contrib-1.1.30-1.1mdk.i586.rpm e3584c7dc00fc6b1a035f4023863055b corporate/2.1/RPMS/mgetty-sendfax-1.1.30-1.1mdk.i586.rpm f8a9d43f3026ab0bb6907b85935a8264 corporate/2.1/RPMS/mgetty-viewfax-1.1.30-1.1mdk.i586.rpm f348c6ca71a6db759524036db48d0478 corporate/2.1/RPMS/mgetty-voice-1.1.30-1.1mdk.i586.rpm 5437feaca7e6119e52264e864865c8b2 corporate/2.1/SRPMS/mgetty-1.1.30-1.1mdk.src.rpm
Corporate Server 2.1/X86_64
25223a7dcbff451cdbec4d97ed05c1cf x86_64/corporate/2.1/RPMS/mgetty-1.1.30-1.1mdk.x86_64.rpm 588e2c08b862c0340d99d04c47521f34 x86_64/corporate/2.1/RPMS/mgetty-contrib-1.1.30-1.1mdk.x86_64.rpm ba7679b1fee246775652193205030393 x86_64/corporate/2.1/RPMS/mgetty-sendfax-1.1.30-1.1mdk.x86_64.rpm 63f2b250ef371dd90312c9a0cd192db6 x86_64/corporate/2.1/RPMS/mgetty-viewfax-1.1.30-1.1mdk.x86_64.rpm 25b48a970131593289f679585b1d57e1 x86_64/corporate/2.1/RPMS/mgetty-voice-1.1.30-1.1mdk.x86_64.rpm 5437feaca7e6119e52264e864865c8b2 x86_64/corporate/2.1/SRPMS/mgetty-1.1.30-1.1mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.