Lucene search
K

117 matches found

Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.30 views

FreeBSD : a2ps -- insecure command line argument handling (8091fcea-f35e-11d8-81b0-000347a4fa7d)

Rudolf Polzer reports : a2ps builds a command line for file containing an unescaped version of the file name, thus might call external programs described by the file name. Running a cronjob over a public writable directory a2ps-ing all files in it - or simply typing 'a2ps .txt' in /tmp - is...

10CVSS5.3AI score0.15981EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.31 views

Gentoo Security Advisory GLSA 200501-02 (a2ps)

The remote host is missing updates announced in advisory GLSA 200501-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS0.5AI score0.15981EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.14 views

Gentoo Security Advisory GLSA 200501-02 (a2ps)

The remote host is missing updates announced in advisory GLSA 200501-02. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.15981EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.26 views

FreeBSD Ports: a2ps-a4, a2ps-letter, a2ps-letterdj

The remote host is missing an update to the system as announced in the referenced advisory. VID 9168253c-5a6d-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

2.1CVSS6.5AI score0.00362EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.17 views

FreeBSD Ports: a2ps-a4, a2ps-letter, a2ps-letterdj

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

2.1CVSS7AI score0.00362EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.18 views

FreeBSD Ports: a2ps-a4

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS6.6AI score0.15981EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.21 views

Debian Security Advisory DSA 612-1 (a2ps)

The remote host is missing an update to a2ps announced via advisory DSA 612-1. OpenVAS Vulnerability Test $Id: deb6121.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 612-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

10CVSS0.4AI score0.15981EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.24 views

Debian Security Advisory DSA 612-1 (a2ps)

The remote host is missing an update to a2ps announced via advisory DSA 612-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.6AI score0.15981EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.30 views

FreeBSD : a2ps -- insecure temporary file creation (9168253c-5a6d-11d9-a9e7-0001020eed82)

A Secunia Security Advisory reports that Javier Fernandez-Sanguino Pena has found temporary file creation vulnerabilities in the fixps and psmandup scripts which are part of a2ps. These vulnerabilities could lead to an attacker overwriting arbitrary files with the credentials of the user running...

2.1CVSS5.6AI score0.00362EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/06/08 12:0 a.m.22 views

Mandrake Linux Security Advisory : a2ps (MDKSA-2005:097)

The fixps and psmandup scripts, part of the a2ps package, are vulnerable to symlink attacks which could allow a local attacker to overwrite arbitrary files. The updated packages have been patched to correct the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

2.1CVSS5.6AI score0.00362EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/02/14 12:0 a.m.26 views

GLSA-200501-02 : a2ps: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200501-02 a2ps: Multiple vulnerabilities Javier Fernandez-Sanguino Pena discovered that the a2ps package contains two scripts that create insecure temporary files fixps and psmandup. Furthermore, we fixed in a previous revision a...

10CVSS5.9AI score0.15981EPSS
Exploits1References5
exploitpack
exploitpack
added 2005/02/13 12:0 a.m.27 views

GNU a2ps - Anything to PostScript Not SUID Local Overflow

GNU a2ps - Anything to PostScript Not SUID Local Overflow / Not added to Local Non Poc section /str0ke / include include include // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa - strlen...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2005/02/13 12:0 a.m.24 views

GNU a2ps ""Anything to PostScript"" Local Exploit (not suid)

No description provided by source. / Not added to Local Non Poc section /str0ke / include stdio.h include stdlib.h include errno.h // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa -...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/02/13 12:0 a.m.24 views

GNU a2ps "Anything to PostScript" Local Exploit (not suid)

Exploit for linux platform in category local exploits ========================================================== GNU a2ps "Anything to PostScript" Local Exploit not suid ========================================================== / Not added to Local Non Poc section /str0ke / include include inclu...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2005/02/13 12:0 a.m.49 views

GNU a2ps - Anything to PostScript Not SUID Local Overflow

/ Not added to Local Non Poc section /str0ke / include include include // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING "/usr/bin/a2ps" define DEFRET 0xbffffffa - strlensc - strlenVULNTHING define xnullbitch 1100 //im not a asm...

7.4AI score
Exploits0
Debian CVE
Debian CVE
added 2005/01/19 5:0 a.m.42 views

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

2.1CVSS6.1AI score0.00362EPSS
Exploits0
CVE
CVE
added 2005/01/19 5:0 a.m.71 views

CVE-2004-1377

The CVE-2004-1377 issue affects the a2ps package: the fixps (fixps.in) and psmandup (psmandup.in) scripts allow local users to overwrite arbitrary files via a symlink attack on temporary files, with impact being partial integrity if exploited. Documentation in multiple advisories confirms this vu...

2.1CVSS6.1AI score0.00362EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2005/01/19 5:0 a.m.29 views

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

6.1AI score0.00362EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2005/01/10 5:0 a.m.19 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

10CVSS6.2AI score0.15981EPSS
Exploits1References1
NVD
NVD
added 2005/01/10 5:0 a.m.19 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

10CVSS7.4AI score0.15981EPSS
Exploits1References11
Rows per page
Query Builder