Lucene search
K

285 matches found

Cvelist
Cvelist
added 2016/04/14 2:0 p.m.25 views

CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; semicolon character in a print job, a different vulnerability than CVE-2015-8327...

7.7AI score0.05251EPSS
Exploits0References10
CVE
CVE
added 2016/04/14 2:0 p.m.116 views

CVE-2015-8560

CVE-2015-8560 describes an incomplete blacklist vulnerability in foomatic-rip (util.c) used by cups-filters 1.0.42 and in foomatic-filters (Foomatic 4.0.x). The issue allows remote attackers to execute arbitrary commands by injecting a ; (semicolon) in a print job. Root cause is failure to fully ...

7.5CVSS7.5AI score0.05251EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2016/04/14 2:0 p.m.20 views

CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; semicolon character in a print job, a different vulnerability than CVE-2015-8327...

7.5CVSS7.9AI score0.05251EPSS
Exploits0
CNVD
CNVD
added 2016/03/24 12:0 a.m.4 views

foomatic-rip Arbitrary Command Execution Vulnerability

Foomatic is a database-driven printing system developed by the Linux Foundation's OpenPrinting Working Group, which integrates a general-purpose back-end printing system for Unix with an open-source printer driver. foomatic-rip a.k.a. foomatic-filters is an internal component that helps the...

7.5CVSS7.3AI score0.05251EPSS
Exploits0References1
CNVD
CNVD
added 2016/03/24 12:0 a.m.4 views

foomatic-rip memory corruption vulnerability

Foomatic is a database-driven printing system developed by the Linux Foundation's OpenPrinting Working Group, which integrates a general-purpose back-end printing system for Unix with an open-source printer driver. foomatic-rip a.k.a. foomatic-filters is an internal component that helps the...

9.8CVSS7.3AI score0.05483EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/03/24 12:0 a.m.38 views

CentOS Update for foomatic CESA-2016:0491 centos6

Check the version of foomatic SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882436";...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/03/24 12:0 a.m.27 views

Scientific Linux Security Update : foomatic on SL6.x i386/x86_64 (20160323)

It was discovered that the unhtmlify function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. CVE-2010-5325 It was...

9.8CVSS8.1AI score0.10171EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/03/24 12:0 a.m.16 views

OracleVM 3.3 / 3.4 : foomatic (OVMSA-2016-0040)

The remote OracleVM system is missing necessary patches to address critical security updates : - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 - Prevent foomatic-rip overrun bug 1214534. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.5CVSS7.5AI score0.10171EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2016/03/24 12:0 a.m.34 views

CentOS 6 : foomatic (CESA-2016:0491)

An updated foomatic package that fixes three security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...

9.8CVSS8.1AI score0.10171EPSS
Exploits0References4
Cent OS
Cent OS
added 2016/03/23 1:11 p.m.72 views

foomatic security update

CentOS Errata and Security Advisory CESA-2016:0491 An updated foomatic package that fixes three security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2016/03/23 12:0 a.m.34 views

RedHat Update for foomatic RHSA-2016:0491-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/03/23 12:0 a.m.29 views

Oracle: Security Advisory (ELSA-2016-0491)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/03/23 12:0 a.m.37 views

Oracle Linux 6 : foomatic (ELSA-2016-0491)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2016-0491 advisory. - CVE-2015-8327, CVE-2015-8560 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

9.8CVSS7.6AI score0.10171EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/03/22 9:2 p.m.5 views

cups-filters: foomatic-rip did not consider the back tick as an illegal shell escape character

It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands...

7.5CVSS7.4AI score0.10171EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/03/22 9:2 p.m.6 views

cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character

It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands...

7.5CVSS7.4AI score0.05251EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/03/22 9:2 p.m.4 views

foomatic: potential remote arbitrary code execution

It was discovered that the unhtmlify function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code...

9.8CVSS6.2AI score0.05483EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/03/22 9:2 p.m.36 views

Moderate: Red Hat Security Advisory: foomatic security update

An updated foomatic package that fixes three security issues is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availabl...

9.8CVSS7.5AI score0.10171EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2016/03/22 12:0 a.m.45 views

foomatic security update

4.0.4-5 - Also consider back tick and semicolon as illegal shell escape characters. - CVE-2015-8327, CVE-2015-8560 4.0.4-4 - Prevent foomatic-rip overrun bug 1214534...

7.5CVSS2.7AI score0.10171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.16 views

Debian DLA-399-1 : foomatic-filters security update

cups-filters contains multiple buffer overflows caused by lack of size checks when copying from environment variables to local buffers strcpy as well on string concatenation operations strcat. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA...

5.7AI score
Exploits0References2
Debian
Debian
added 2016/01/23 10:33 p.m.16 views

[SECURITY] [DLA 399-1] foomatic-filters security update

Package : foomatic-filters Version : 4.0.5-6+squeeze2+deb6u13 CVE ID : not yet assigned cups-filters contains multiple buffer overflows caused by lack of size checks when copying from environment variables to local buffers strcpy as well on string concatenation operations strcat...

7.3AI score
Exploits0
Rows per page
Query Builder