Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-612-1
HistoryDec 20, 2004 - 12:00 a.m.

a2ps - unsanitised input

2004-12-2000:00:00
Google
osv.dev
7

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Rudolf Polzer discovered a vulnerability in a2ps, a converter and
pretty-printer for many formats to PostScript. The program did not
escape shell meta characters properly which could lead to the
execution of arbitrary commands as a privileged user if a2ps is
installed as a printer filter.

For the stable distribution (woody) this problem has been fixed in
version 4.13b-16woody1.

For the unstable distribution (sid) this problem has been fixed in
version 1:4.13b-4.2.

We recommend that you upgrade your a2ps package.

CPENameOperatorVersion
a2pseq4.13b-16woody1

Related

openvas 6
debian 2
nessus 5
freebsd 1
redhatcve 1
cve 1
debiancve 1
ubuntucve 1
gentoo 1
suse 1
openvas
openvas
FreeBSD Ports: a2ps-a4
2008-09-04 00:00:00
Debian Security Advisory DSA 612-1 (a2ps)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200501-02 (a2ps)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution
2004-12-20 11:29:57
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution
2004-12-20 11:29:57
nessus
nessus
Mandrake Linux Security Advisory : a2ps (MDKSA-2004:140)
2004-11-27 00:00:00
FreeBSD : a2ps -- insecure command line argument handling (4)
2004-10-20 00:00:00
Debian DSA-612-1 : a2ps - unsanitised input
2004-12-20 00:00:00
freebsd
freebsd
a2ps -- insecure command line argument handling
2004-08-18 00:00:00
redhatcve
redhatcve
CVE-2004-1170
2015-10-30 10:14:17
cve
cve
CVE-2004-1170
2005-01-10 05:00:00
debiancve
debiancve
CVE-2004-1170
2005-01-10 05:00:00
ubuntucve
ubuntucve
CVE-2004-1170
2005-01-10 00:00:00
gentoo
gentoo
a2ps: Multiple vulnerabilities
2005-01-04 00:00:00
suse
suse
remote command execution in XFree86-libs, xshared
2004-09-17 13:37:17

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-612-1
openvas6debian2nessus5freebsd1redhatcve1cve1debiancve1ubuntucve1gentoo1suse1