EUVD-2004-1374

Malware in sbrugna...

SUSE CVE-2004-1377

The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

FreeBSD : a2ps -- insecure temporary file creation (9168253c-5a6d-11d9-a9e7-0001020eed82)

A Secunia Security Advisory reports that Javier Fernandez-Sanguino Pena has found temporary file creation vulnerabilities in the fixps and psmandup scripts which are part of a2ps. These vulnerabilities could lead to an attacker overwriting arbitrary files with the credentials of the user running...

CVE-2004-1377

The CVE-2004-1377 issue affects the a2ps package: the fixps (fixps.in) and psmandup (psmandup.in) scripts allow local users to overwrite arbitrary files via a symlink attack on temporary files, with impact being partial integrity if exploited. Documentation in multiple advisories confirms this vu...

a2ps: Multiple vulnerabilities

Background a2ps is an Any to Postscript filter that can convert to Postscript from many filetypes. fixps is a script that fixes errors in Postscript files. psmandup produces a Postscript file for printing in manual duplex mode. Description Javier Fernandez-Sanguino Pena discovered that the a2ps...