漏洞信息详情
LinuxPrinting.org Foomatic-Filter命令执行漏洞
- CNNVD编号:CNNVD-200409-039
- 危害等级: 中危
- CVE编号: CVE-2004-0801
- 漏洞类型: 输入验证
- 发布时间: 2004-09-16
- 威胁类型: 远程
- 更新时间: 2010-02-24
- 厂 商: trustix
- 漏洞来源: Discovery of this ...
漏洞简介
Foomatic 3.0.2之前版本中的foomatic-rip存在未知漏洞。本地用户或远程攻击者可以利用该漏洞通过访问CUPS来执行任意命令。
漏洞公告
Please see the referenced vendor advisories for information on obtaining and applying fixes. Sun Java Desktop System (JDS) 2003
- Sun patch-9321
- Sun patch-9321
- Conectiva foomatic-filters-3.0-27082U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/foomatic-filters-3.0-27082U 90_1cl.i386.rpm
- Conectiva foomatic-filters-cupsomatic-20020309-28777U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/foomatic-filters-cupsomatic -20020309-28777U90_1cl.i386.rpm
- RedHat foomatic-3.0.0-21.5.legacy.i386.rpmRedHat Fedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/foomatic-3.0.0- 21.5.legacy.i386.rpm
- SuSE foomatic-filters-3.0.0-100.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/foomatic-filters- 3.0.0-100.i586.patch.rpm
- SuSE foomatic-filters-3.0.0-100.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/foomatic-filt ers-3.0.0-100.x86_64.patch.rpm
- SuSE foomatic-filters-3.0.0-100.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/foomatic-filters- 3.0.0-100.i586.rpm
- SuSE foomatic-filters-3.0.0-100.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/foomatic-filt ers-3.0.0-100.x86_64.rpm
- Conectiva foomatic-filters-3.0.1-54575U10_1cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/foomatic-filters-3.0.1-545 75U10_1cl.noarch.rpm
- Fedora foomatic-3.0.1-3.1.i386.rpmRedHat Fedora Core 2 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora foomatic-3.0.1-3.1.x86_64.rpmRedHat Fedora Core 2 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora foomatic-debuginfo-3.0.1-3.1.i386.rpmRedHat Fedora Core 2 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Fedora foomatic-debuginfo-3.0.1-3.1.x86_64.rpmRedHat Fedora Core 2 http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
- Mandrake cups-drivers-1.1-116.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake cups-drivers-1.1-116.1.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
- Mandrake cups-drivers-1.1-138.2.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake cups-drivers-1.1-138.2.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-3.0-1.20030908.3.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-3.0-1.20030908.3.1.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-3.0.1-0.20040828.1.1.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-3.0.1-0.20040828.1.1.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-engine-3.0-1.20030908.3.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-engine-3.0-1.20030908.3.1.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-filters-3.0-1.20030908.3.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-filters-3.0-1.20030908.3.1.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-filters-3.0.1-0.20040828.1.1.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake foomatic-filters-3.0.1-0.20040828.1.1.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
- Mandrake ghostscript-7.07-0.12.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake ghostscript-7.07-0.12.1.92mdk.i586.rpmMandrake Linux 9.2 http://www.mandrakesecure.net/en/ftp.php
- Mandrake ghostscript-7.07-19.2.100mdk.amd64.rpmMandrake Linux 10.0/AMD64 http://www.mandrakesecure.net/en/ftp.php
- Mandrake ghostscript-7.07-19.2.100mdk.i586.rpmMandrake Linux 10.0 http://www.mandrakesecure.net/en/ftp.php
-
Mandrake ghostscript-module-X-7.07-0.12.1.92mdk.amd64.rpmMandrake Linux 9.2/AMD64
参考网址
来源: XF 名称: foomatic-command-execution(17388) 链接:http://xforce.iss.net/xforce/xfdb/17388 来源: TRUSTIX 名称: 2004-0047 链接:http://www.trustix.net/errata/2004/0047/ 来源: SUSE 名称: SUSE-SA:2004:031 链接:http://www.novell.com/linux/security/advisories/2004_31_cups.HTML 来源: SECUNIA 名称: 12557 链接:http://secunia.com/advisories/12557/ 来源: SCO 名称: SCOSA-2005.12 链接:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt 来源: SUNALERT 名称: 1000757 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1 来源: SUNALERT 名称: 201005 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1 来源: CONECTIVA 名称: CLA-2004:880 链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000880 来源: BID 名称: 11184 链接:http://www.securityfocus.com/bid/11184 来源: SECUNIA 名称: 20312 链接:http://secunia.com/advisories/20312 来源: SUSE 名称: SUSE-SA:2006:026 链接:http://lists.suse.com/archive/suse-security-announce/2006-May/0007.HTML
受影响实体
- Trustix Secure_linux:2.1
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论