• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

MGetty Caller ID Excessive Name Length Buffer Overrun Vulnerability

Solution:
Version 1.1.29 of mgetty has been released to address this issue.

Mandrake Linux has released advisory MDKSA-2003:053 to address this issue.

Red Hat has released advisory RHSA-2003:036-01 to address this issue.

Caldera has released advisory CSSA-2003-021.0, and made fixes available to address this issue.

Sun has released a fix for Sun Linux 5.0.6.

Fixes available:


mgetty mgetty 1.1.25

• mgetty mgetty1.1.30-Dec16.tar.gz
  ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g z


• Red Hat mgetty-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/mgetty-1.1.30-0.7.i386.rpm


• Red Hat mgetty-sendfax-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/mgetty-sendfax-1.1.30-0.7.i386 .rpm


• Red Hat mgetty-viewfax-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/mgetty-viewfax-1.1.30-0.7.i386 .rpm


• Red Hat mgetty-voice-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/mgetty-voice-1.1.30-0.7.i386.r pm

mgetty mgetty 1.1.26

• mgetty mgetty1.1.30-Dec16.tar.gz
  ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g z


• Red Hat mgetty-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mgetty-1.1.30-0.7.i386.rpm


• Red Hat mgetty-1.1.30-0.7.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-1.1.30-0.7.ia64.rpm


• Red Hat mgetty-sendfax-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mgetty-sendfax-1.1.30-0.7.i386 .rpm


• Red Hat mgetty-sendfax-1.1.30-0.7.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-sendfax-1.1.30-0.7.ia64 .rpm


• Red Hat mgetty-viewfax-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mgetty-viewfax-1.1.30-0.7.i386 .rpm


• Red Hat mgetty-viewfax-1.1.30-0.7.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-viewfax-1.1.30-0.7.ia64 .rpm


• Red Hat mgetty-voice-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mgetty-voice-1.1.30-0.7.i386.r pm


• Red Hat mgetty-voice-1.1.30-0.7.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/mgetty-voice-1.1.30-0.7.ia64.r pm

mgetty mgetty 1.1.27

• mgetty mgetty1.1.30-Dec16.tar.gz
  ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g z

mgetty mgetty 1.1.28

• mgetty mgetty1.1.30-Dec16.tar.gz
  ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.30-Dec16.tar.g z


• Red Hat mgetty-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mgetty-1.1.30-0.7.i386.rpm


• Red Hat mgetty-1.1.30-0.8.0.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mgetty-1.1.30-0.8.0.i386.rpm


• Red Hat mgetty-sendfax-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mgetty-sendfax-1.1.30-0.7.i386 .rpm


• Red Hat mgetty-sendfax-1.1.30-0.8.0.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mgetty-sendfax-1.1.30-0.8.0.i3 86.rpm


• Red Hat mgetty-viewfax-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mgetty-viewfax-1.1.30-0.7.i386 .rpm


• Red Hat mgetty-viewfax-1.1.30-0.8.0.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mgetty-viewfax-1.1.30-0.8.0.i3 86.rpm


• Red Hat mgetty-voice-1.1.30-0.7.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/mgetty-voice-1.1.30-0.7.i386.r pm


• Red Hat mgetty-voice-1.1.30-0.8.0.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/mgetty-voice-1.1.30-0.8.0.i386 .rpm

MandrakeSoft Multi Network Firewall 2.0

• Mandrake mgetty-1.1.30-1.1mdk.i586.rpm
  Multi Network Firewall 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-1.1.30-1.1mdk.src.rpm
  Multi Network Firewall 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-contrib-1.1.30-1.1mdk.i586.rpm
  Multi Network Firewall 8.2
  http://www.mandrakesecure.net/en/ftp.php

MandrakeSoft Corporate Server 2.1

• Mandrake mgetty-1.1.30-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-1.1.30-1.1mdk.src.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-contrib-1.1.30-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-sendfax-1.1.30-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-viewfax-1.1.30-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-voice-1.1.30-1.1mdk.i586.rpm
  Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php

Sun Linux 5.0.6

• Sun mgetty-1.1.30-0.7.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/mgetty-1.1.30-0.7.i386.rpm


• Sun mgetty-sendfax-1.1.30-0.7.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/mgetty-sendfax-1.1.30-0.7.i386.rpm


• Sun mgetty-viewfax-1.1.30-0.7.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/mgetty-viewfax-1.1.30-0.7.i386.rpm


• Sun mgetty-voice-1.1.30-0.7.i386.rpm
  ftp://ftp.cobalt.sun.com/pub/products/sunlinux/5.0/en/updates/i386/RPM S/mgetty-voice-1.1.30-0.7.i386.rpm

MandrakeSoft Linux Mandrake 8.2 ppc

• Mandrake mgetty-1.1.30-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-1.1.30-1.1mdk.src.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-contrib-1.1.30-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-sendfax-1.1.30-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-viewfax-1.1.30-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-voice-1.1.30-1.1mdk.ppc.rpm
  Mandrake Linux 8.2/PPC
  http://www.mandrakesecure.net/en/ftp.php

MandrakeSoft Linux Mandrake 8.2

• Mandrake mgetty-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-contrib-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-sendfax-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-viewfax-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-voice-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 8.2
  http://www.mandrakesecure.net/en/ftp.php

MandrakeSoft Linux Mandrake 9.0

• Mandrake mgetty-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-1.1.30-1.1mdk.i586.rpm
  Multi Network Firewall 8.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-1.1.30-1.1mdk.src.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-contrib-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-sendfax-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-viewfax-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake mgetty-voice-1.1.30-1.1mdk.i586.rpm
  Mandrake Linux 9.0
  http://www.mandrakesecure.net/en/ftp.php