Red Hat Security Advisory: Updated mgetty packages are now available | Linux Today

Written By
Web Webster
Sep 12, 2000

Date: Mon, 11 Sep 2000 14:57:00 -0400
From: bugzilla@REDHAT.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [RHSA-2000:059-02] Updated mgetty packages are now available.


                   Red Hat, Inc. Security Advisory

Synopsis:          Updated mgetty packages are now available.
Advisory ID:       RHSA-2000:059-02
Issue date:        2000-09-07
Updated on:        2000-09-11
Product:           Red Hat Linux
Keywords:          N/A
Cross references:  N/A

1. Topic:

The mgetty-sendfax package contains a vulnerability which allows
any user with access to the /var/tmp directory to destroy any file
on any mounted filesystem.

2. Relevant releases/architectures:

Red Hat Linux 5.2 – i386, alpha, sparc
Red Hat Linux 6.0 – i386, alpha, sparc
Red Hat Linux 6.1 – i386, alpha, sparc
Red Hat Linux 6.2 – i386, alpha, sparc
Red Hat Linux 6.2E – i386, alpha, sparc

3. Problem description:

The faxrunq and faxrunqd commands supplied with the
mgetty-sendfax package use a file named
/var/spool/fax/outgoing/.lastrun to keep track of the date and time
when the faxrunq command was last run. /var/tmp is a world-writable
directory, and no check is made to ensure that .lastrun is not a
symbolic link to another file. A malicious user can create a
symbolic link named /var/spool/fax/outgoing/.lastrun which points
to any file on a mounted filesystem, and that file’s contents will
be destroyed the next time faxrunq is run.
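
The unchecked write described above, next to a version that makes the missing symbolic-link check, as an added example (not code from the mgetty package or from Red Hat's fix). The function names and the scratch directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration; function names and the scratch paths are hypothetical.

# Unsafe pattern: ">" opens the path with O_TRUNC and follows a symbolic
# link, so the file the link points to is emptied and overwritten.
update_stamp_unsafe() {
    date > "$1"
}

# Checked pattern: refuse a symlink, then write a private temp file in the
# same directory and rename it into place. If a link to a file is planted
# after the check, rename(2) replaces the link itself instead of writing
# through it.
update_stamp_safe() {
    stamp=$1
    if [ -L "$stamp" ]; then
        echo "refusing: $stamp is a symbolic link" >&2
        return 2
    fi
    tmp=$(mktemp "$(dirname "$stamp")/.stamp.XXXXXX") || return 1
    date > "$tmp" && mv -f "$tmp" "$stamp"
}

# Constructed demo: a scratch directory stands in for the spool directory
# and "victim" for the file a planted link would point at.
demo() {
    work=$(mktemp -d) || return 1
    echo "important data" > "$work/victim"
    ln -s "$work/victim" "$work/.lastrun"
    rc=0
    update_stamp_safe "$work/.lastrun" 2>/dev/null || rc=$?
    echo "safe: rc=$rc victim=$(cat "$work/victim")"
    update_stamp_unsafe "$work/.lastrun"
    if grep -q "important data" "$work/victim"; then
        echo "unsafe: victim intact"
    else
        echo "unsafe: victim overwritten"
    fi
    rm -rf "$work"
}

demo
```

The check only narrows the problem; keeping the timestamp file in a directory that other users cannot write to removes it.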

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

11874 – Mgetty packages default config is a security threat
17178 – one more security problem with mgetty
17179 – security problem with mgetty

6. RPMs required:

Red Hat Linux 5.2:

sparc:
ftp://updates.redhat.com/5.2/sparc/mgetty-voice-1.1.22-1.5.x.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/mgetty-viewfax-1.1.22-1.5.x.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/mgetty-sendfax-1.1.22-1.5.x.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/mgetty-1.1.22-1.5.x.sparc.rpm

alpha:
ftp://updates.redhat.com/5.2/alpha/mgetty-voice-1.1.22-1.5.x.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/mgetty-viewfax-1.1.22-1.5.x.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/mgetty-sendfax-1.1.22-1.5.x.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/mgetty-1.1.22-1.5.x.alpha.rpm

i386:
ftp://updates.redhat.com/5.2/i386/mgetty-voice-1.1.22-1.5.x.i386.rpm
ftp://updates.redhat.com/5.2/i386/mgetty-viewfax-1.1.22-1.5.x.i386.rpm
ftp://updates.redhat.com/5.2/i386/mgetty-sendfax-1.1.22-1.5.x.i386.rpm
ftp://updates.redhat.com/5.2/i386/mgetty-1.1.22-1.5.x.i386.rpm

sources:
ftp://updates.redhat.com/5.2/SRPMS/mgetty-1.1.22-1.5.x.src.rpm

Red Hat Linux 6.0, 6.1, and 6.2:

sparc:
ftp://updates.redhat.com/6.2/sparc/mgetty-voice-1.1.22-1.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/mgetty-viewfax-1.1.22-1.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/mgetty-sendfax-1.1.22-1.6.x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/mgetty-1.1.22-1.6.x.sparc.rpm

i386:
ftp://updates.redhat.com/6.2/i386/mgetty-voice-1.1.22-1.6.x.i386.rpm
ftp://updates.redhat.com/6.2/i386/mgetty-viewfax-1.1.22-1.6.x.i386.rpm
ftp://updates.redhat.com/6.2/i386/mgetty-sendfax-1.1.22-1.6.x.i386.rpm
ftp://updates.redhat.com/6.2/i386/mgetty-1.1.22-1.6.x.i386.rpm

alpha:
ftp://updates.redhat.com/6.2/alpha/mgetty-voice-1.1.22-1.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/mgetty-viewfax-1.1.22-1.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/mgetty-sendfax-1.1.22-1.6.x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/mgetty-1.1.22-1.6.x.alpha.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/mgetty-1.1.22-1.6.x.src.rpm

7. Verification:

These packages are GPG signed by Red Hat, Inc. for security. Our
key is available at:
http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
rpm --checksig [filename]

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:
rpm --checksig --nogpg [filename]

8. References:
http://www.securityfocus.com/bid/1612

Thanks also go to Stan Bubrouski, Gert Doering, and mal@mail1.nai.net.

Copyright(c) 2000 Red Hat, Inc.
