Lucene search
K

117 matches found

UbuntuCve
UbuntuCve
added 2005/01/10 5:0 a.m.19 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

10CVSS6.2AI score0.15981EPSS
Exploits1References1
OSV
OSV
added 2005/01/10 5:0 a.m.8 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

7.4AI score
Exploits0References15
Gentoo Linux
Gentoo Linux
added 2005/01/04 12:0 a.m.41 views

a2ps: Multiple vulnerabilities

Background a2ps is an Any to Postscript filter that can convert to Postscript from many filetypes. fixps is a script that fixes errors in Postscript files. psmandup produces a Postscript file for printing in manual duplex mode. Description Javier Fernandez-Sanguino Pena discovered that the a2ps...

10CVSS1.8AI score0.15981EPSS
Exploits1
NVD
NVD
added 2004/12/27 5:0 a.m.38 views

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

2.1CVSS6.2AI score0.00362EPSS
Exploits0References7
OSV
OSV
added 2004/12/27 5:0 a.m.5 views

CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

6.1AI score
Exploits0References7
FreeBSD
FreeBSD
added 2004/12/27 12:0 a.m.34 views

a2ps -- insecure temporary file creation

A Secunia Security Advisory reports that Javier Fernández-Sanguino Peña has found temporary file creation vulnerabilities in the fixps and psmandup scripts which are part of a2ps. These vulnerabilities could lead to an attacker overwriting arbitrary files with the credentials of the user running...

2.1CVSS6.7AI score0.00362EPSS
Exploits0References1
Debian
Debian
added 2004/12/20 11:29 a.m.47 views

[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 612-1 [email protected] http://www.debian.org/security/ Martin Schulze December 20th, 2004 http://www.debian.org/security/faq -...

10CVSS6.3AI score0.15981EPSS
Exploits1
Debian
Debian
added 2004/12/20 11:29 a.m.38 views

[SECURITY] [DSA 612-1] New a2ps packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 612-1 [email protected] http://www.debian.org/security/ Martin Schulze December 20th, 2004 http://www.debian.org/security/faq -...

10CVSS0.8AI score0.15981EPSS
Exploits1
OSV
OSV
added 2004/12/20 12:0 a.m.21 views

DSA-612-1 a2ps - unsanitised input

Bulletin has no description...

10CVSS6AI score0.15981EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2004/12/20 12:0 a.m.33 views

Debian DSA-612-1 : a2ps - unsanitised input

Rudolf Polzer discovered a vulnerability in a2ps, a converter and pretty-printer for many formats to PostScript. The program did not escape shell meta characters properly which could lead to the execution of arbitrary commands as a privileged user if a2ps is installed as a printer filter...

10CVSS5.6AI score0.15981EPSS
Exploits1References3
CVE
CVE
added 2004/12/10 5:0 a.m.71 views

CVE-2004-1170

CVE-2004-1170 affects a2ps 4.13, where remote attackers could cause arbitrary command execution by supplying shell metacharacters in a filename. The vulnerability stems from insecure handling of filenames, enabling code execution with the privileges of the invoking user. Several connected advisor...

10CVSS7.3AI score0.15981EPSS
Exploits1References11Affected Software2
Cvelist
Cvelist
added 2004/12/10 5:0 a.m.29 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

7.3AI score0.15981EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2004/12/10 5:0 a.m.35 views

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

10CVSS7.3AI score0.15981EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2004/11/27 12:0 a.m.26 views

Mandrake Linux Security Advisory : a2ps (MDKSA-2004:140)

The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. The updated packages have been patched to prevent this problem. %NASLMINLEVEL 70300 C Tenable Networ...

10CVSS5.8AI score0.15981EPSS
Exploits1References1
securityvulns
securityvulns
added 2004/08/30 12:0 a.m.26 views

a2ps shell characters code execution

No description provided...

3.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2004/08/30 12:0 a.m.38 views

[SA12375] GNU a2ps Command Injection Vulnerability

TITLE: GNU a2ps Command Injection Vulnerability SECUNIA ADVISORY ID: SA12375 VERIFY ADVISORY: http://secunia.com/advisories/12375/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: GNU a2ps 4.x http://secunia.com/product/3837/ DESCRIPTION: Rudolf Polzer has...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2004/08/24 12:0 a.m.19 views

GNU a2ps 4.13 - File Name Command Execution

GNU a2ps 4.13 - File Name Command Execution source: https://www.securityfocus.com/bid/11025/info Reportedly GNU a2ps is affected by a filename command-execution vulnerability. This issue is due to the application's failure to properly sanitize filenames. An attacker might leverage this issue to...

7.6AI score
Exploits0
Rows per page
Query Builder