← voltar
CVE-2011-2899

CVE-2011-2899

EPSS 2.0%
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patchhttps://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119https://bugzilla.redhat.com/show_bug.cgi?id=728348http://secunia.com/advisories/45744http://www.redhat.com/support/errata/RHSA-2011-1196.htmlhttp://www.securitytracker.com/id?1025967