Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2380-1
HistoryJan 04, 2012 - 12:00 a.m.

foomatic-filters - shell command injection

2012-01-0400:00:00
Google
osv.dev
3

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

It was discovered that the foomatic-filters, a support package for
setting up printers, allowed authenticated users to submit crafted
print jobs which would execute shell commands on the print servers.

CVE-2011-2697
was assigned to the vulnerability in the Perl
implementation included in lenny, and CVE-2011-2964
to the vulnerability affecting the C reimplementation part of squeeze.

For the oldstable distribution (lenny), this problem has been fixed in
version 3.0.2-20080211-3.2+lenny1.

For the stable distribution (squeeze), this problem has been fixed in
version 4.0.5-6+squeeze1.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 4.0.9-1.

We recommend that you upgrade your foomatic-filters packages.

CPENameOperatorVersion
foomatic-filterseq3.0.2-20080211-3.2

Related

nessus 22
fedora 4
ubuntucve 2
openvas 30
ubuntu 1
securityvulns 2
oraclelinux 2
prion 2
debian 1
debiancve 2
gentoo 1
cve 2
centos 1
veracode 1
redhat 2
nessus
nessus
SuSE 10 Security Update : foomatic-filters (ZYPP Patch Number 7677)
2011-12-13 00:00:00
GLSA-201203-07 : foomatic-filters: User-assisted execution of arbitrary code
2012-03-06 00:00:00
Oracle Solaris Third-Party Patch Update : foomatic (multiple_vulnerabilities_in_foomatic)
2015-01-19 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: foomatic-4.0.7-2.fc14
2011-08-17 01:20:56
[SECURITY] Fedora 15 Update: foomatic-4.0.7-3.fc15
2011-08-17 01:06:21
[SECURITY] Fedora 14 Update: foomatic-4.0.8-3.fc14
2011-09-25 03:37:00
ubuntucve
ubuntucve
CVE-2011-2964
2011-07-29 00:00:00
CVE-2011-2697
2011-07-29 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201203-07 (foomatic-filters)
2012-03-12 00:00:00
Debian: Security Advisory (DSA-2380-1)
2012-02-11 00:00:00
Ubuntu: Security Advisory (USN-1194-1)
2011-08-27 00:00:00
ubuntu
ubuntu
Foomatic filters vulnerabilities
2011-08-22 00:00:00
securityvulns
securityvulns
foomatic code execution
2011-08-17 00:00:00
[ MDVSA-2011:125 ] foomatic-filters
2011-08-17 00:00:00
oraclelinux
oraclelinux
foomatic security update
2011-08-01 00:00:00
foomatic security update
2011-08-01 00:00:00
prion
prion
Design/Logic Flaw
2011-07-29 20:55:00
Design/Logic Flaw
2011-07-29 20:55:00
debian
debian
[SECURITY] [DSA 2380-1] foomatic-filters security update
2012-01-04 20:38:25
debiancve
debiancve
CVE-2011-2964
2011-07-29 20:55:00
CVE-2011-2697
2011-07-29 20:55:00
gentoo
gentoo
foomatic-filters: User-assisted execution of arbitrary code
2012-03-06 00:00:00
cve
cve
CVE-2011-2964
2011-07-29 20:55:00
CVE-2011-2697
2011-07-29 20:55:00
centos
centos
foomatic security update
2011-08-14 21:01:49
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 01:05:31
redhat
redhat
(RHSA-2011:1109) Moderate: foomatic security update
2011-08-01 00:00:00
(RHSA-2011:1110) Moderate: foomatic security update
2011-08-01 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DSA-2380-1
nessus22fedora4ubuntucve2openvas30ubuntu1securityvulns2oraclelinux2prion2debian1debiancve2gentoo1cve2centos1veracode1redhat2