Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1670-1
HistoryNov 24, 2008 - 12:00 a.m.

enscript - arbitrary code execution

2008-11-2400:00:00
Google
osv.dev
8

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.303 Low

EPSS

Percentile

96.3%

JSON

Several vulnerabilities have been discovered in Enscript, a converter
from ASCII text to Postscript, HTML or RTF. The Common Vulnerabilities
and Exposures project identifies the following problems:

  • CVE-2008-3863
    Ulf Harnhammer discovered that a buffer overflow may lead to
    the execution of arbitrary code.
  • CVE-2008-4306
    Kees Cook and Tomas Hoger discovered that several buffer
    overflows may lead to the execution of arbitrary code.

For the stable distribution (etch), these problems have been fixed in
version 1.6.4-11.1.

For the upcoming stable distribution (lenny) and the unstable
distribution (sid), these problems have been fixed in version 1.6.4-13.

We recommend that you upgrade your enscript package.

CPENameOperatorVersion
enscripteq1.6.4-11

Related

redhat 2
nessus 20
fedora 2
freebsd 1
gentoo 1
openvas 35
ubuntucve 2
debian 1
oraclelinux 2
centos 3
ubuntu 1
prion 2
veracode 2
debiancve 2
cve 2
seebug 1
securityvulns 3
redhat
redhat
(RHSA-2008:1016) Moderate: enscript security update
2008-12-15 00:00:00
(RHSA-2008:1021) Moderate: enscript security update
2008-12-15 00:00:00
nessus
nessus
Fedora 9 : enscript-1.6.4-10.fc9 (2008-9372)
2008-11-06 00:00:00
FreeBSD : enscript -- arbitrary code execution vulnerability (a1126054-b57c-11dd-8892-0017319806e7)
2008-11-19 00:00:00
Debian DSA-1670-1 : enscript - buffer overflows
2008-11-25 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: enscript-1.6.4-9.fc8
2008-11-06 04:04:23
[SECURITY] Fedora 9 Update: enscript-1.6.4-10.fc9
2008-11-06 04:06:38
freebsd
freebsd
enscript -- arbitrary code execution vulnerability
2008-10-22 00:00:00
gentoo
gentoo
enscript: User-assisted execution of arbitrary code
2008-12-02 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200812-02 (enscript)
2008-12-03 00:00:00
Mandriva Update for enscript MDVSA-2008:243 (enscript)
2009-04-09 00:00:00
Fedora Update for enscript FEDORA-2008-9351
2009-02-17 00:00:00
ubuntucve
ubuntucve
CVE-2008-4306
2008-11-04 00:00:00
CVE-2008-3863
2008-10-23 00:00:00
debian
debian
[SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution
2008-11-24 21:01:29
oraclelinux
oraclelinux
enscript security update
2008-12-15 00:00:00
enscript security update
2008-12-15 00:00:00
centos
centos
enscript security update
2008-12-16 01:11:43
enscript security update
2008-12-15 16:57:26
enscript security update
2008-12-15 22:08:08
ubuntu
ubuntu
enscript vulnerability
2008-11-03 00:00:00
prion
prion
Buffer overflow
2008-11-04 21:00:00
Stack overflow
2008-10-23 22:00:00
veracode
veracode
Arbitrary Command Execution
2020-04-10 00:29:06
Arbitrary Code Execution
2020-04-10 00:29:06
debiancve
debiancve
CVE-2008-4306
2008-11-04 21:00:00
CVE-2008-3863
2008-10-23 22:00:00
cve
cve
CVE-2008-4306
2008-11-04 21:00:00
CVE-2008-3863
2008-10-23 22:00:00
seebug
seebug
GNU Enscript src/psgen.cζ ˆζΊ’ε‡ΊζΌζ΄ž
2008-10-23 00:00:00
securityvulns
securityvulns
GNU enscript buffer overflow
2008-10-29 00:00:00
Secunia Research: GNU Enscript "setfilename" Special Escape Buffer Overflow
2008-10-29 00:00:00
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.303 Low

EPSS

Percentile

96.3%

JSON
Related for OSV:DSA-1670-1
redhat2nessus20fedora2freebsd1gentoo1openvas35ubuntucve2debian1oraclelinux2centos3ubuntu1prion2veracode2debiancve2cve2seebug1securityvulns3