|
|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200409-24] Foomatic: Arbitrary command execution in foomatic-rip filter Vulnerability Scan
Vulnerability Scan Summary
Foomatic: Arbitrary command execution in foomatic-rip filter
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200409-24
(Foomatic: Arbitrary command execution in foomatic-rip filter)
There is a vulnerability in the foomatic-filters package. This
vulnerability is due to insufficient checking of command-line parameters
and environment variables in the foomatic-rip filter.
Impact
This vulnerability may allow both local and remote attackers to execute
arbitrary commands on the print server with the permissions of the spooler
(oftentimes the "lp" user).
Workaround
There is no known workaround at this time.
References:
http://www.linuxprinting.org/pipermail/foomatic-devel/2004q3/001996.html
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0801
Solution:
All foomatic users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=net-print/foomatic-3.0.2"
# emerge ">=net-print/foomatic-3.0.2"
PLEASE NOTE: You should update foomatic, instead of foomatic-filters. This
will help to ensure that all other foomatic components remain functional.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
