CVE-2001-1593

The tempnameensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spyuser function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file...

CVE-2001-1593

Jakub Wilk found that a2ps, a tool to convert text and other types of files to PostScript, insecurely used a temporary file in spyuser. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running a2ps...

CVE-2001-1593

CVE-2001-1593 affects the a2ps package (versions 4.14 and earlier). The vulnerability is in the tempname_ensure function (lib/routines.h), used by the spy_user function, allowing local users to modify arbitrary files via a symlink attack on a temporary file. Impact is local file modification with...

Debian DSA-2892-1 : a2ps - security update

Several vulnerabilities have been found in a2ps, an 'Anything to PostScript' converter and pretty-printer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2001-1593 The spyuser function which is called when a2ps is invoked with the --debug flag insecurel...

Debian Security Advisory DSA 2892-1 (a2ps - security update)

Several vulnerabilities have been found in a2ps, an Anything to PostScript converter and pretty-printer. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2001-1593 The spyuser function which is called when a2ps is invoked with the --debug flag insecurely use...

DSA-2892-1 a2ps - security update

Bulletin has no description...