← volver
CVE-2011-2899

CVE-2011-2899

EPSS 2.0%
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patchhttps://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119https://bugzilla.redhat.com/show_bug.cgi?id=728348http://secunia.com/advisories/45744http://www.redhat.com/support/errata/RHSA-2011-1196.htmlhttp://www.securitytracker.com/id?1025967