Mandrake Linux Security Advisory : printer-filters-utils (MDKSA-2005:239)

'newbug' discovered a local root vulnerability in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable, allowing the possibility for a local user to gain root privileges. Mandriva encourages all users to upgrade immediately. The updated packages have been...

Ubuntu 4.10 : imagemagick vulnerability (USN-7-1)

A buffer overflow in imagemagick's EXIF parsing routine has been discovered in imagemagick versions prior to 6.1.0. Trying to query EXIF information of a malicious image file might result in execution of arbitrary code with the user's privileges. Since imagemagick can be used in custom printing...

CVE-2005-4604

This CVE (CVE-2005-4604) concerns a buffer overflow in MTink within the printer-filters-utils package, exploitable via an overly long HOME environment variable. Affected component: mtink binary used by printer-filters-utils. Root cause: buffer overflow leading to arbitrary code execution by local...

CVE-2005-4604

Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2005-4604

Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2005-4604

Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2005-4604

Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable...

Linux printer drivers mtink buffer overflow

Buffer overflow on oversized HOME environment variable...

CVE-2002-2201

CVE-2002-2201 affects Webmin ≤ 0.990, where the Printer Administration module allows remote attackers to execute arbitrary commands by supplying shell metacharacters in the printer name. This is a remote, unauthenticated issue with high impact (arbitrary code execution) as described in multiple s...

Do not print on AppSocket and socketAPI printers

The host seems to be an AppSocket or socketAPI printer. Scanning it will waste paper. So ports 2000, 2501, 9100-9107, 9112-9116, 9200 and 10001 won SPDX-FileCopyrightText: 2005 Laurent Facq SPDX-FileCopyrightText: New detection methods / pattern / code since 2009 Greenbone AG Some text descriptio...

PTL_advisory_050825.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ================================================================= P . T . L . P I N I O N S T E K N I S K A L A B O R A T O R I U M The Pinion Technical Laboratory http://www.pinion.se Advisory...

USN-185-1: CUPS vulnerability

A flaw was detected in the printer access control list checking in the CUPS server. Printer names were compared in a case sensitive manner; by modifying the capitalization of printer names, a remote attacker could circumvent ACLs and print to printers he should not have access to. The Ubuntu 5.04...

Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)

Exploit for solaris platform in category remote exploits ============================================================ Solaris 'Solaris LPD Arbitrary File Delete', 'Version' = '$Revision: 1.6 $', 'Authors' = 'H D Moore ', 'Optyx ' , 'Arch' = , 'OS' = 'solaris' , 'UserOpts' = 'RHOST' = 1, 'ADDR',...

[Full-disclosure] Privilege escalation in Linksys WLAN Monitor v2.0.

Summary: Privilege escalation in Linksys WLAN Monitor v2.0 http://www.linksys.com/ Details: The Linksys WLAN Monitor service WLSVC that is used to configure settings for various Linksys wireless network cards runs under the context of the LocalSystem account. It is possible to manipulate the...

MS05-043: Vulnerability in Printer Spooler Service Could Allow Remote Code Execution (896423) (uncredentialed check)

The remote host contains a version of the Print Spooler service that may allow an attacker to execute code on the remote host or crash the spooler service. An attacker can execute code on the remote host with a NULL session against : - Windows 2000 An attacker can crash the remote service with a...

security flaw

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive...

CVE-2004-2166

CVE-2004-2166 affects Canon ImageRUNNER (iR) 5000i and C3200 printers, where the print-from-email feature can be abused when IP range filtering is not used. A remote attacker can send a text/plain email to TCP port 25 and cause the device to print arbitrary text without authentication. The issue ...

CVE-2004-2166

The print-from-email feature in the Canon ImageRUNNER iR 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25...

CVE-2005-2169

CVE-2005-2169 is a directory traversal vulnerability in Quick & Dirty PHPSource Printer 1.1 and earlier. The flaw allows remote attackers to read arbitrary files by supplying evil ".../...//" sequences in the file parameter, which are reduced to "../" by a regex, enabling access to parent directo...

CVE-2005-2169

Directory traversal vulnerability in source.php in Quick & Dirty PHPSource Printer 1.1 and earlier allows remote attackers to read arbitrary files via ".../...//" sequences in the file parameter, which are reduced to "../" when PHPSource Printer uses a regular expression to remove "../" sequences...