PT-2003-1103 · Red Hat+1 · Red Hat+4

Published: 2003-01-17 · Updated: 2017-10-10 · CVE-2002-1391

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

mgetty versions prior to 1.1.29
mgetty-sendfax versions 1.1.30
mgetty-viewfax versions 1.1.30
mgetty-voice versions 1.1.30

Description

The issue affects the mgetty package in Red Hat Linux. It allows remote attackers to exploit multiple vulnerabilities and potentially compromise the confidentiality, integrity, and availability of protected information. Exploitation can be performed remotely. A buffer overflow in the cnd-program for mgetty before version 1.1.29 is also possible via a long CallerName argument in a Caller ID string, which may cause a denial of service and possibly allow execution of arbitrary code.

Recommendations

For mgetty versions prior to 1.1.29, update to version 1.1.29 or later to resolve the issue. For mgetty-sendfax, mgetty-viewfax, and mgetty-voice versions 1.1.30, consider disabling the vulnerable components until a patch is available. As a temporary workaround, restrict access to the vulnerable modules to minimize the risk of exploitation.

Fix

Related Identifiers

BDU:2015-08161
BDU:2015-08162
BDU:2015-08163
BDU:2015-08164
CVE-2002-1391

Affected Products

Red Hat
Mgetty
Mgetty-Sendfax
Mgetty-Viewfax
Mgetty-Voice