Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4284
HistoryOct 23, 2008 - 12:00 a.m.

GNU Enscript src/psgen.c栈溢出漏洞

2008-10-2300:00:00
Root
www.seebug.org
14

0.303 Low

EPSS

Percentile

96.5%

JSON

BUGTRAQ ID: 31858
CVE(CAN) ID: CVE-2008-3863

GNU enscript是用于替换Adobe enscript程序的脚本。Enscript可将ASCII文件转换为PostScript并将生成的PostScript输出提供给指定的打印机。

GNU enscript src/psgen.c文件中的read_special_escape()函数存在栈溢出漏洞。如果用户通过-e选项启用了特殊转义处理的话,在转换恶意文件时就可能触发这个溢出,导致执行任意指令。

GNU Enscript 1.6.4 (beta)
GNU Enscript 1.6.1
GNU

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

<a href=“http://www.codento.com/people/mtr/genscript/” target=“_blank”>http://www.codento.com/people/mtr/genscript/</a>

Related

securityvulns 3
nessus 20
openvas 35
cve 1
debiancve 1
prion 1
ubuntucve 2
veracode 1
osv 1
redhat 2
fedora 2
freebsd 1
gentoo 1
oraclelinux 2
centos 3
debian 1
ubuntu 1
securityvulns
securityvulns
GNU enscript buffer overflow
2008-10-29 00:00:00
Secunia Research: GNU Enscript &quot;setfilename&quot; Special Escape Buffer Overflow
2008-10-29 00:00:00
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00
nessus
nessus
SuSE9 Security Update : enscript (YOU Patch Number 12275)
2009-09-24 00:00:00
openSUSE 10 Security Update : enscript (enscript-5719)
2008-11-06 00:00:00
SuSE 10 Security Update : enscript (ZYPP Patch Number 5715)
2008-11-06 00:00:00
openvas
openvas
SLES10: Security update for enscript
2009-10-13 00:00:00
SLES10: Security update for enscript
2009-10-13 00:00:00
SLES9: Security update for enscript
2009-10-10 00:00:00
cve
cve
CVE-2008-3863
2008-10-23 22:00:00
debiancve
debiancve
CVE-2008-3863
2008-10-23 22:00:00
prion
prion
Stack overflow
2008-10-23 22:00:00
ubuntucve
ubuntucve
CVE-2008-3863
2008-10-23 00:00:00
CVE-2008-4306
2008-11-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:29:06
osv
osv
enscript - arbitrary code execution
2008-11-24 00:00:00
redhat
redhat
(RHSA-2008:1016) Moderate: enscript security update
2008-12-15 00:00:00
(RHSA-2008:1021) Moderate: enscript security update
2008-12-15 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: enscript-1.6.4-9.fc8
2008-11-06 04:04:23
[SECURITY] Fedora 9 Update: enscript-1.6.4-10.fc9
2008-11-06 04:06:38
freebsd
freebsd
enscript -- arbitrary code execution vulnerability
2008-10-22 00:00:00
gentoo
gentoo
enscript: User-assisted execution of arbitrary code
2008-12-02 00:00:00
oraclelinux
oraclelinux
enscript security update
2008-12-15 00:00:00
enscript security update
2008-12-15 00:00:00
centos
centos
enscript security update
2008-12-16 01:11:43
enscript security update
2008-12-15 16:57:26
enscript security update
2008-12-15 22:08:08
debian
debian
[SECURITY] [DSA 1670-1] New enscript packages fix arbitrary code execution
2008-11-24 21:01:29
ubuntu
ubuntu
enscript vulnerability
2008-11-03 00:00:00

0.303 Low

EPSS

Percentile

96.5%

JSON
Related for SSV:4284
securityvulns3nessus20openvas35cve1debiancve1prion1ubuntucve2veracode1osv1redhat2fedora2freebsd1gentoo1oraclelinux2centos3debian1ubuntu1