|
Family: Debian Local Security Checks --> Category: infos
[DSA192] DSA-192-1 html2ps Vulnerability Scan
Vulnerability Scan Summary DSA-192-1 html2ps
Detailed Explanation for this Vulnerability Test
The SuSE Security Team found a vulnerability in html2ps, an HTML to
PostScript converter, that opened files based on unsanitized input
insecurely. This problem can be exploited when html2ps is installed
as filter within lprng and the attacker has previously gained access
to the lp account.
These problems have been fixed in version 1.0b3-1.1 for the current
stable distribution (woody), in version 1.0b1-8.1 for the old stable
distribution (potato) and in version 1.0b3-2 for the unstable
distribution (sid).
We recommend that you upgrade your html2ps package.
Solution : http://www.debian.org/security/2002/dsa-192
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|