Vulnerabilites related to gnu - enscript
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/35074
cve@mitre.orghttp://securitytracker.com/id?1012965
cve@mitre.orghttp://support.apple.com/kb/HT3549
cve@mitre.orghttp://www.debian.org/security/2005/dsa-654Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlPatch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:033
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-040.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/419768/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/435199/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/12329
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1297
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/19033
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134
cve@mitre.orghttps://usn.ubuntu.com/68-1/
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012965
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-654Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:033
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-040.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/419768/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/435199/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/12329
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/19033
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/68-1/
Impacted products
Vendor Product Version
gnu enscript 1.6.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24957DD9-A63D-4982-B417-1AF27F005AE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash)."
    }
  ],
  "id": "CVE-2004-1186",
  "lastModified": "2024-11-20T23:50:18.240",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012965"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-654"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/12329"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/68-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/12329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/68-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-10-23 22:00
Modified
2024-11-21 00:50
Severity ?
Summary
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
References
PSIRT-CNA@flexerasoftware.comhttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
PSIRT-CNA@flexerasoftware.comhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
PSIRT-CNA@flexerasoftware.comhttp://rhn.redhat.com/errata/RHSA-2008-1021.html
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/32137Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/32521
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/32530Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/32753
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/32854
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/32970
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/33109
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/advisories/35074
PSIRT-CNA@flexerasoftware.comhttp://secunia.com/secunia_research/2008-41/Vendor Advisory
PSIRT-CNA@flexerasoftware.comhttp://security.gentoo.org/glsa/glsa-200812-02.xml
PSIRT-CNA@flexerasoftware.comhttp://securityreason.com/securityalert/4488
PSIRT-CNA@flexerasoftware.comhttp://support.apple.com/kb/HT3549
PSIRT-CNA@flexerasoftware.comhttp://support.avaya.com/elmodocs2/security/ASA-2008-504.htm
PSIRT-CNA@flexerasoftware.comhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321
PSIRT-CNA@flexerasoftware.comhttp://www.debian.org/security/2008/dsa-1670
PSIRT-CNA@flexerasoftware.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:243
PSIRT-CNA@flexerasoftware.comhttp://www.redhat.com/support/errata/RHSA-2008-1016.html
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/archive/1/497647/100/0/threaded
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/archive/1/498385/100/0/threaded
PSIRT-CNA@flexerasoftware.comhttp://www.securityfocus.com/bid/31858
PSIRT-CNA@flexerasoftware.comhttp://www.ubuntu.com/usn/usn-660-1
PSIRT-CNA@flexerasoftware.comhttp://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2008/2891
PSIRT-CNA@flexerasoftware.comhttp://www.vupen.com/english/advisories/2009/1297
PSIRT-CNA@flexerasoftware.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/46026
PSIRT-CNA@flexerasoftware.comhttps://issues.rpath.com/browse/RPL-2887
PSIRT-CNA@flexerasoftware.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html
PSIRT-CNA@flexerasoftware.comhttps://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2008-1021.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32137Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32521
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32530Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32753
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32854
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32970
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33109
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2008-41/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200812-02.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4488
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1670
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:243
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-1016.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/497647/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/498385/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31858
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-660-1
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2891
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/46026
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2887
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html
Impacted products
Vendor Product Version
gnu enscript 1.6.1
gnu enscript 1.6.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E366EE3-E642-4C8D-9C8A-C39D1575D125",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "0B895F66-7AE0-4B85-A35A-6EA92F14FD39",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en la funci\u00f3n read_special_escape en src/psgen.c en GNU Enscript 1.6.1 y 1.6.4 beta, cuando la opci\u00f3n -e (tambi\u00e9n conocido como procesado de escapados especiales) est\u00e1 habilitado, permite a atacantes remotos ayudados por el usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo ASCII manipulado, relacionado con el comando setfilename."
    }
  ],
  "id": "CVE-2008-3863",
  "lastModified": "2024-11-21T00:50:18.210",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-10-23T22:00:01.323",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-1021.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32137"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/32521"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32530"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/32753"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/32854"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/32970"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/33109"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-41/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://security.gentoo.org/glsa/glsa-200812-02.xml"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://securityreason.com/securityalert/4488"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.debian.org/security/2008/dsa-1670"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:243"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-1016.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/497647/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/498385/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/31858"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.ubuntu.com/usn/usn-660-1"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/2891"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46026"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://issues.rpath.com/browse/RPL-2887"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-1021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32530"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32753"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32854"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-41/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200812-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-1016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/497647/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/498385/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-660-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2891"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2887"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-01-21 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/35074
cve@mitre.orghttp://securitytracker.com/id?1012965
cve@mitre.orghttp://support.apple.com/kb/HT3549
cve@mitre.orghttp://www.debian.org/security/2005/dsa-654Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlPatch
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:033
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-040.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/419768/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/435199/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/12329
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1297
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/19029
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808
cve@mitre.orghttps://usn.ubuntu.com/68-1/
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012965
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-654Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:033
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-040.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/419768/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/435199/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/12329
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/19029
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/68-1/
Impacted products
Vendor Product Version
gnu enscript 1.3.0
gnu enscript 1.4.0
gnu enscript 1.5.0
gnu enscript 1.6.0
gnu enscript 1.6.1
gnu enscript 1.6.2
gnu enscript 1.6.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51B4C23E-E053-435E-957F-0A64D1225062",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D223E5-DE84-4983-805A-14F4EC36B4C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F9AE156-F5EC-4946-BC6D-11761DEB3DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3339F4-B649-4569-9391-01428840013C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E366EE3-E642-4C8D-9C8A-C39D1575D125",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C04B03C2-C586-4495-B8E4-D5DECCFA2684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24957DD9-A63D-4982-B417-1AF27F005AE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames."
    }
  ],
  "id": "CVE-2004-1185",
  "lastModified": "2024-11-20T23:50:18.090",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-21T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012965"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-654"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/12329"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19029"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/68-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/12329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/68-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-01-21 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
References
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
cve@mitre.orghttp://secunia.com/advisories/35074
cve@mitre.orghttp://securitytracker.com/id?1012965
cve@mitre.orghttp://support.apple.com/kb/HT3549
cve@mitre.orghttp://www.debian.org/security/2005/dsa-654Patch, Vendor Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlPatch, Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2005:033
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2005-040.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/419768/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/435199/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/12329
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/1297
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/19012
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658
cve@mitre.orghttps://usn.ubuntu.com/68-1/
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35074
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1012965
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3549
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-654Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:033
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-040.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/419768/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/435199/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/12329
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1297
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/19012
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/68-1/
Impacted products
Vendor Product Version
gnu enscript 1.4
gnu enscript 1.5
gnu enscript 1.6
gnu enscript 1.6.1
gnu enscript 1.6.2
gnu enscript 1.6.3
gnu enscript 1.6.4
sgi propack 3.0
redhat fedora_core core_2.0
redhat fedora_core core_3.0
suse suse_linux 1.0
suse suse_linux 2.0
suse suse_linux 3.0
suse suse_linux 4.0
suse suse_linux 4.2
suse suse_linux 4.3
suse suse_linux 4.4
suse suse_linux 4.4.1
suse suse_linux 5.0
suse suse_linux 5.1
suse suse_linux 5.2
suse suse_linux 5.3
suse suse_linux 6.0
suse suse_linux 6.1
suse suse_linux 6.1
suse suse_linux 6.2
suse suse_linux 6.3
suse suse_linux 6.3
suse suse_linux 6.3
suse suse_linux 6.4
suse suse_linux 6.4
suse suse_linux 6.4
suse suse_linux 6.4
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.0
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.1
suse suse_linux 7.2
suse suse_linux 7.2
suse suse_linux 7.3
suse suse_linux 7.3
suse suse_linux 7.3
suse suse_linux 7.3
suse suse_linux 8.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
suse suse_linux 9.0
suse suse_linux 9.0
suse suse_linux 9.1
suse suse_linux 9.1
suse suse_linux 9.2
suse suse_linux 9.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "39EAF297-5A25-4ACC-B904-A3FBBDCCC142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDCE031-29D1-4F98-BF92-24E12CA6CE45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B899B3C7-9D38-44E8-A2C5-A7B2A3C87C97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E366EE3-E642-4C8D-9C8A-C39D1575D125",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C04B03C2-C586-4495-B8E4-D5DECCFA2684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24957DD9-A63D-4982-B417-1AF27F005AE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:enscript:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "574D0C28-047F-49B0-BBAE-5DA861939F7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
              "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
              "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters."
    }
  ],
  "id": "CVE-2004-1184",
  "lastModified": "2024-11-20T23:50:17.930",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-21T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012965"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-654"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/12329"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/68-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012965"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/12329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/68-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2002-01-31 05:00
Modified
2024-11-20 23:38
Severity ?
Summary
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
References
cve@mitre.orghttp://www.debian.org/security/2002/dsa-105
cve@mitre.orghttp://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2002-012.html
cve@mitre.orghttp://www.securityfocus.com/advisories/3818
cve@mitre.orghttp://www.securityfocus.com/bid/3920
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/7932
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2002/dsa-105
af854a3a-2127-422b-91ae-364da2661108http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2002-012.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/advisories/3818
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/3920
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/7932
Impacted products
Vendor Product Version
gnu enscript *
debian debian_linux 2.2
redhat linux 6.0
redhat linux 6.1
redhat linux 6.2
redhat linux 7.0
redhat linux 7.1
redhat linux 7.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:enscript:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D3BDB18-C459-4790-B0E1-2207C24C285F",
              "versionEndIncluding": "1.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files."
    },
    {
      "lang": "es",
      "value": "Enscript 1.5.1 y anteriores permiten a usaurios locales sobreescribir ficheros arbitrarios del usuario Enscript mediante un ataque de enlaces simb\u00f3licos (symlink attack) en ficheros temporales."
    }
  ],
  "id": "CVE-2002-0044",
  "lastModified": "2024-11-20T23:38:09.960",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-01-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2002/dsa-105"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/advisories/3818"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/3920"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2002/dsa-105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/advisories/3818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/3920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2004-1184
Vulnerability from cvelistv5
Published
2005-01-29 05:00
Modified
2024-08-08 00:46
Severity ?
Summary
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/419768/100/0/threadedvendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/bid/12329vdb-entry, x_refsource_BID
http://support.apple.com/kb/HT3549x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2005:033vendor-advisory, x_refsource_MANDRAKE
https://usn.ubuntu.com/68-1/vendor-advisory, x_refsource_UBUNTU
http://securitytracker.com/id?1012965vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/35074third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-654vendor-advisory, x_refsource_DEBIAN
http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlvendor-advisory, x_refsource_APPLE
http://www.securityfocus.com/archive/1/435199/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2009/1297vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-040.htmlvendor-advisory, x_refsource_REDHAT
http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlvendor-advisory, x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/19012vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:11.489Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:9658",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
          },
          {
            "name": "FLSA:152892",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
          },
          {
            "name": "12329",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12329"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "MDKSA-2005:033",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
          },
          {
            "name": "USN-68-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/68-1/"
          },
          {
            "name": "1012965",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012965"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "DSA-654",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-654"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "20060526 rPSA-2006-0083-1 enscript",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "RHSA-2005:040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
          },
          {
            "name": "GLSA-200502-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
          },
          {
            "name": "enscript-epsf-command-ececution(19012)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:9658",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
        },
        {
          "name": "FLSA:152892",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
        },
        {
          "name": "12329",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12329"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "MDKSA-2005:033",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
        },
        {
          "name": "USN-68-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/68-1/"
        },
        {
          "name": "1012965",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012965"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "DSA-654",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-654"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "20060526 rPSA-2006-0083-1 enscript",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "RHSA-2005:040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
        },
        {
          "name": "GLSA-200502-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
        },
        {
          "name": "enscript-epsf-command-ececution(19012)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1184",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:9658",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
            },
            {
              "name": "FLSA:152892",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
            },
            {
              "name": "12329",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12329"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "MDKSA-2005:033",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
            },
            {
              "name": "USN-68-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/68-1/"
            },
            {
              "name": "1012965",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012965"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "DSA-654",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-654"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "20060526 rPSA-2006-0083-1 enscript",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "RHSA-2005:040",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
            },
            {
              "name": "GLSA-200502-03",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
            },
            {
              "name": "enscript-epsf-command-ececution(19012)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1184",
    "datePublished": "2005-01-29T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:46:11.489Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1186
Vulnerability from cvelistv5
Published
2005-01-29 05:00
Modified
2024-08-08 00:46
Severity ?
Summary
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/19033vdb-entry, x_refsource_XF
http://www.securityfocus.com/archive/1/419768/100/0/threadedvendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/bid/12329vdb-entry, x_refsource_BID
http://support.apple.com/kb/HT3549x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2005:033vendor-advisory, x_refsource_MANDRAKE
https://usn.ubuntu.com/68-1/vendor-advisory, x_refsource_UBUNTU
http://securitytracker.com/id?1012965vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/35074third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-654vendor-advisory, x_refsource_DEBIAN
http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlvendor-advisory, x_refsource_APPLE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/435199/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2009/1297vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-040.htmlvendor-advisory, x_refsource_REDHAT
http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlvendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:11.460Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "enscript-multiple-bo(19033)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033"
          },
          {
            "name": "FLSA:152892",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
          },
          {
            "name": "12329",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12329"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "MDKSA-2005:033",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
          },
          {
            "name": "USN-68-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/68-1/"
          },
          {
            "name": "1012965",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012965"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "DSA-654",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-654"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11134",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134"
          },
          {
            "name": "20060526 rPSA-2006-0083-1 enscript",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "RHSA-2005:040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
          },
          {
            "name": "GLSA-200502-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "enscript-multiple-bo(19033)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033"
        },
        {
          "name": "FLSA:152892",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
        },
        {
          "name": "12329",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12329"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "MDKSA-2005:033",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
        },
        {
          "name": "USN-68-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/68-1/"
        },
        {
          "name": "1012965",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012965"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "DSA-654",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-654"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11134",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134"
        },
        {
          "name": "20060526 rPSA-2006-0083-1 enscript",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "RHSA-2005:040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
        },
        {
          "name": "GLSA-200502-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1186",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "enscript-multiple-bo(19033)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19033"
            },
            {
              "name": "FLSA:152892",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
            },
            {
              "name": "12329",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12329"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "MDKSA-2005:033",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
            },
            {
              "name": "USN-68-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/68-1/"
            },
            {
              "name": "1012965",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012965"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "DSA-654",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-654"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11134",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11134"
            },
            {
              "name": "20060526 rPSA-2006-0083-1 enscript",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "RHSA-2005:040",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
            },
            {
              "name": "GLSA-200502-03",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1186",
    "datePublished": "2005-01-29T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:46:11.460Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3863
Vulnerability from cvelistv5
Published
2008-10-23 21:00
Modified
2024-08-07 09:53
Severity ?
Summary
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
References
http://www.vupen.com/english/advisories/2008/2891vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/32137third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/46026vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/31858vdb-entry, x_refsource_BID
http://secunia.com/advisories/32521third-party-advisory, x_refsource_SECUNIA
http://support.apple.com/kb/HT3549x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.htmlvendor-advisory, x_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.htmlvendor-advisory, x_refsource_FEDORA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939vdb-entry, signature, x_refsource_OVAL
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.htmlvendor-advisory, x_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2008-1016.htmlvendor-advisory, x_refsource_REDHAT
http://support.avaya.com/elmodocs2/security/ASA-2008-504.htmx_refsource_CONFIRM
http://www.ubuntu.com/usn/usn-660-1vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/35074third-party-advisory, x_refsource_SECUNIA
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321x_refsource_CONFIRM
http://securityreason.com/securityalert/4488third-party-advisory, x_refsource_SREASON
http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlvendor-advisory, x_refsource_APPLE
http://security.gentoo.org/glsa/glsa-200812-02.xmlvendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/archive/1/497647/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/498385/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://issues.rpath.com/browse/RPL-2887x_refsource_CONFIRM
http://secunia.com/advisories/32854third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:243vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/32970third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/32530third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1670vendor-advisory, x_refsource_DEBIAN
http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2009/1297vdb-entry, x_refsource_VUPEN
http://secunia.com/secunia_research/2008-41/x_refsource_MISC
http://secunia.com/advisories/32753third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/33109third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2008-1021.htmlvendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2008-2891",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2891"
          },
          {
            "name": "32137",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32137"
          },
          {
            "name": "gnuenscript-readspecialescape-bo(46026)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46026"
          },
          {
            "name": "31858",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31858"
          },
          {
            "name": "32521",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32521"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "SUSE-SR:2008:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"
          },
          {
            "name": "FEDORA-2008-9372",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9939",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939"
          },
          {
            "name": "FEDORA-2008-9351",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html"
          },
          {
            "name": "RHSA-2008:1016",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-1016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm"
          },
          {
            "name": "USN-660-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-660-1"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321"
          },
          {
            "name": "4488",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/4488"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "GLSA-200812-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200812-02.xml"
          },
          {
            "name": "20081022 Secunia Research: GNU Enscript \"setfilename\" Special Escape Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/497647/100/0/threaded"
          },
          {
            "name": "20081117 rPSA-2008-0321-1 enscript",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/498385/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2887"
          },
          {
            "name": "32854",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32854"
          },
          {
            "name": "MDVSA-2008:243",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:243"
          },
          {
            "name": "32970",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32970"
          },
          {
            "name": "32530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32530"
          },
          {
            "name": "DSA-1670",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1670"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2008-41/"
          },
          {
            "name": "32753",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32753"
          },
          {
            "name": "33109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33109"
          },
          {
            "name": "RHSA-2008:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2008-1021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-10-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "ADV-2008-2891",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2891"
        },
        {
          "name": "32137",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32137"
        },
        {
          "name": "gnuenscript-readspecialescape-bo(46026)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46026"
        },
        {
          "name": "31858",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31858"
        },
        {
          "name": "32521",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32521"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "SUSE-SR:2008:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"
        },
        {
          "name": "FEDORA-2008-9372",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9939",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939"
        },
        {
          "name": "FEDORA-2008-9351",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html"
        },
        {
          "name": "RHSA-2008:1016",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-1016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm"
        },
        {
          "name": "USN-660-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-660-1"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321"
        },
        {
          "name": "4488",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/4488"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "GLSA-200812-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200812-02.xml"
        },
        {
          "name": "20081022 Secunia Research: GNU Enscript \"setfilename\" Special Escape Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/497647/100/0/threaded"
        },
        {
          "name": "20081117 rPSA-2008-0321-1 enscript",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/498385/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2887"
        },
        {
          "name": "32854",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32854"
        },
        {
          "name": "MDVSA-2008:243",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:243"
        },
        {
          "name": "32970",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32970"
        },
        {
          "name": "32530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32530"
        },
        {
          "name": "DSA-1670",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1670"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2008-41/"
        },
        {
          "name": "32753",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32753"
        },
        {
          "name": "33109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33109"
        },
        {
          "name": "RHSA-2008:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2008-1021.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-3863",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2008-2891",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2891"
            },
            {
              "name": "32137",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32137"
            },
            {
              "name": "gnuenscript-readspecialescape-bo(46026)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46026"
            },
            {
              "name": "31858",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31858"
            },
            {
              "name": "32521",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32521"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "SUSE-SR:2008:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"
            },
            {
              "name": "FEDORA-2008-9372",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9939",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939"
            },
            {
              "name": "FEDORA-2008-9351",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html"
            },
            {
              "name": "RHSA-2008:1016",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-1016.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm"
            },
            {
              "name": "USN-660-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-660-1"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321"
            },
            {
              "name": "4488",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/4488"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "GLSA-200812-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200812-02.xml"
            },
            {
              "name": "20081022 Secunia Research: GNU Enscript \"setfilename\" Special Escape Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/497647/100/0/threaded"
            },
            {
              "name": "20081117 rPSA-2008-0321-1 enscript",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/498385/100/0/threaded"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-2887",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-2887"
            },
            {
              "name": "32854",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32854"
            },
            {
              "name": "MDVSA-2008:243",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:243"
            },
            {
              "name": "32970",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32970"
            },
            {
              "name": "32530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32530"
            },
            {
              "name": "DSA-1670",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1670"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-41/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2008-41/"
            },
            {
              "name": "32753",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32753"
            },
            {
              "name": "33109",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33109"
            },
            {
              "name": "RHSA-2008:1021",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2008-1021.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2008-3863",
    "datePublished": "2008-10-23T21:00:00",
    "dateReserved": "2008-08-29T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1185
Vulnerability from cvelistv5
Published
2005-01-29 05:00
Modified
2024-08-08 00:46
Severity ?
Summary
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
References
http://www.securityfocus.com/archive/1/419768/100/0/threadedvendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/bid/12329vdb-entry, x_refsource_BID
http://support.apple.com/kb/HT3549x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2005:033vendor-advisory, x_refsource_MANDRAKE
https://usn.ubuntu.com/68-1/vendor-advisory, x_refsource_UBUNTU
http://securitytracker.com/id?1012965vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/35074third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-654vendor-advisory, x_refsource_DEBIAN
http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlvendor-advisory, x_refsource_APPLE
http://www.securityfocus.com/archive/1/435199/100/0/threadedmailing-list, x_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/19029vdb-entry, x_refsource_XF
http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlthird-party-advisory, x_refsource_CERT
http://www.vupen.com/english/advisories/2009/1297vdb-entry, x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2005-040.htmlvendor-advisory, x_refsource_REDHAT
http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlvendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:11.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FLSA:152892",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
          },
          {
            "name": "12329",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12329"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "oval:org.mitre.oval:def:10808",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808"
          },
          {
            "name": "MDKSA-2005:033",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
          },
          {
            "name": "USN-68-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/68-1/"
          },
          {
            "name": "1012965",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012965"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "DSA-654",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-654"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "20060526 rPSA-2006-0083-1 enscript",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
          },
          {
            "name": "enscript-filename-command-execution(19029)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19029"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "RHSA-2005:040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
          },
          {
            "name": "GLSA-200502-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FLSA:152892",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
        },
        {
          "name": "12329",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12329"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "oval:org.mitre.oval:def:10808",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808"
        },
        {
          "name": "MDKSA-2005:033",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
        },
        {
          "name": "USN-68-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/68-1/"
        },
        {
          "name": "1012965",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012965"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "DSA-654",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-654"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "20060526 rPSA-2006-0083-1 enscript",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
        },
        {
          "name": "enscript-filename-command-execution(19029)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19029"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "RHSA-2005:040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
        },
        {
          "name": "GLSA-200502-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1185",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FLSA:152892",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
            },
            {
              "name": "12329",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12329"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "oval:org.mitre.oval:def:10808",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808"
            },
            {
              "name": "MDKSA-2005:033",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
            },
            {
              "name": "USN-68-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/68-1/"
            },
            {
              "name": "1012965",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012965"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "DSA-654",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-654"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "20060526 rPSA-2006-0083-1 enscript",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
            },
            {
              "name": "enscript-filename-command-execution(19029)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19029"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "RHSA-2005:040",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
            },
            {
              "name": "GLSA-200502-03",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1185",
    "datePublished": "2005-01-29T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:46:11.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-0044
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
Summary
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
References
http://www.securityfocus.com/advisories/3818vendor-advisory, x_refsource_HP
http://www.securityfocus.com/bid/3920vdb-entry, x_refsource_BID
http://www.redhat.com/support/errata/RHSA-2002-012.htmlvendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2002/dsa-105vendor-advisory, x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/7932vdb-entry, x_refsource_XF
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3vendor-advisory, x_refsource_MANDRAKE
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:35:17.232Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBTL0201-019",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/advisories/3818"
          },
          {
            "name": "3920",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3920"
          },
          {
            "name": "RHSA-2002:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html"
          },
          {
            "name": "DSA-105",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2002/dsa-105"
          },
          {
            "name": "gnu-enscript-tmpfile-symlink(7932)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932"
          },
          {
            "name": "MDKSA-2002:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-02-02T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "HPSBTL0201-019",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/advisories/3818"
        },
        {
          "name": "3920",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3920"
        },
        {
          "name": "RHSA-2002:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html"
        },
        {
          "name": "DSA-105",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2002/dsa-105"
        },
        {
          "name": "gnu-enscript-tmpfile-symlink(7932)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932"
        },
        {
          "name": "MDKSA-2002:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0044",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBTL0201-019",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/advisories/3818"
            },
            {
              "name": "3920",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3920"
            },
            {
              "name": "RHSA-2002:012",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html"
            },
            {
              "name": "DSA-105",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2002/dsa-105"
            },
            {
              "name": "gnu-enscript-tmpfile-symlink(7932)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932"
            },
            {
              "name": "MDKSA-2002:010",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0044",
    "datePublished": "2002-06-25T04:00:00",
    "dateReserved": "2002-01-22T00:00:00",
    "dateUpdated": "2024-08-08T02:35:17.232Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}