17 matches found
Oracle: Security Advisory (ELSA-2008-1016)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 5 : enscript (CESA-2008:1016)
An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and spools the...
CentOS 3 / 4 : enscript (CESA-2008:1021)
An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and...
RHEL 5 : enscript (RHSA-2008:1016)
An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and spools the...
RHEL 2.1 / 3 / 4 : enscript (RHSA-2008:1021)
An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and...
Moderate: Red Hat Security Advisory: enscript security update
An updated enscript packages that fixes several security issues is now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU enscript converts ASCII files to PostScriptR language files and...
enscript security update
1.6.1-33.el4.1 - fixed CVE-2008-5078 1.6.1-33.0.1.el4 - fixed CVE-2008-3863 and CVE-2008-4306...
Gentoo Security Advisory GLSA 200812-02 (enscript)
The remote host is missing updates announced in advisory GLSA 200812-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-200812-02 : enscript: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200812-02 enscript: User-assisted execution of arbitrary code Two stack-based buffer overflows in the readspecialescape function in src/psgen.c have been reported. Ulf Harnhammar of Secunia Research discovered a vulnerability...
Gentoo Security Advisory GLSA 200812-02 (enscript)
The remote host is missing updates announced in advisory GLSA 200812-02. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1670-1 : enscript - buffer overflows
Several vulnerabilities have been discovered in Enscript, a converter from ASCII text to Postscript, HTML or RTF. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3863 Ulf Harnhammer discovered that a buffer overflow may lead to the execution of...
[SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1670-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 24, 2008 http://www.debian.org/security/faq -...
FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj
The remote host is missing an update to the system as announced in the referenced advisory. VID a1126054-b57c-11dd-8892-0017319806e7 OpenVAS Vulnerability Test $ Description: Auto generated from VID a1126054-b57c-11dd-8892-0017319806e7 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
DSA-1670-1 enscript - arbitrary code execution
Bulletin has no description...
FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD : enscript -- arbitrary code execution vulnerability (a1126054-b57c-11dd-8892-0017319806e7)
Ulf Harnhammar of Secunia Research reports : Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a craft...
CVE-2008-4306
CVE-2008-4306 is a buffer overflow in GNU enscript prior to 1.6.4 (noted in multiple advisories). Vulnerability arises from the handling of special escapes (-e), specifically in the read_special_escape path, enabling potential arbitrary code execution when a crafted ASCII file is opened with ensc...