117 matches found
CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...
CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...
a2ps: Multiple vulnerabilities
Background a2ps is an Any to Postscript filter that can convert to Postscript from many filetypes. fixps is a script that fixes errors in Postscript files. psmandup produces a Postscript file for printing in manual duplex mode. Description Javier Fernandez-Sanguino Pena discovered that the a2ps...
CVE-2004-1377
The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-1377
The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
a2ps -- insecure temporary file creation
A Secunia Security Advisory reports that Javier Fernández-Sanguino Peña has found temporary file creation vulnerabilities in the fixps and psmandup scripts which are part of a2ps. These vulnerabilities could lead to an attacker overwriting arbitrary files with the credentials of the user running...
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 612-1 [email protected] http://www.debian.org/security/ Martin Schulze December 20th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 612-1 [email protected] http://www.debian.org/security/ Martin Schulze December 20th, 2004 http://www.debian.org/security/faq -...
DSA-612-1 a2ps - unsanitised input
Bulletin has no description...
Debian DSA-612-1 : a2ps - unsanitised input
Rudolf Polzer discovered a vulnerability in a2ps, a converter and pretty-printer for many formats to PostScript. The program did not escape shell meta characters properly which could lead to the execution of arbitrary commands as a privileged user if a2ps is installed as a printer filter...
CVE-2004-1170
CVE-2004-1170 affects a2ps 4.13, where remote attackers could cause arbitrary command execution by supplying shell metacharacters in a filename. The vulnerability stems from insecure handling of filenames, enabling code execution with the privileges of the invoking user. Several connected advisor...
CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...
CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...
Mandrake Linux Security Advisory : a2ps (MDKSA-2004:140)
The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. The updated packages have been patched to prevent this problem. %NASLMINLEVEL 70300 C Tenable Networ...
a2ps shell characters code execution
No description provided...
[SA12375] GNU a2ps Command Injection Vulnerability
TITLE: GNU a2ps Command Injection Vulnerability SECUNIA ADVISORY ID: SA12375 VERIFY ADVISORY: http://secunia.com/advisories/12375/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: GNU a2ps 4.x http://secunia.com/product/3837/ DESCRIPTION: Rudolf Polzer has...
GNU a2ps 4.13 - File Name Command Execution
GNU a2ps 4.13 - File Name Command Execution source: https://www.securityfocus.com/bid/11025/info Reportedly GNU a2ps is affected by a filename command-execution vulnerability. This issue is due to the application's failure to properly sanitize filenames. An attacker might leverage this issue to...