144684 – CAN-2004-1184 multiple security issues in enscript (CAN-2004-1185 CAN-2004-1186)

Bug 144684 - CAN-2004-1184 multiple security issues in enscript (CAN-2004-1185 CAN-2004-1186)

Summary: CAN-2004-1184 multiple security issues in enscript (CAN-2004-1185 CAN-2004-1186)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	enscript
Sub Component:
Version:	3
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tim Waugh
QA Contact:
Docs Contact:
URL:
Whiteboard:	impact=moderate,embargo=20050120
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-01-10 17:29 UTC by Josh Bressers
Modified:	2007-11-30 22:10 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-01-26 10:25:44 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Josh Bressers 2005-01-10 17:29:32 UTC

*** This bug has been split off bug 144683 ***

------- Original comment by Josh Bressers (Security Response Team) on 2005.01.10
12:26 -------

This was reported to vendor-sec on 2004-01-07

Erik SjÃ¶lund has discovered several security relevant problems in
enscript, a program to converts ASCII text to Postscript and other
formats.  The Common Vulnerabilities and Exposures project identifies
the following vulnerabilities:

CAN-2004-1184

    Unsanitised input can caues the execution of arbitrary commands
    via EPSF pipe support.  This has been disabled, also upstream.

CAN-2004-1185

    Due to missing sanitising of filenames it is possible that a
    specially crafted filename can cause arbitrary commands to be
    executed.

CAN-2004-1186

    Multiple buffer overflows can cause the program to crash.

Comment 1 Josh Bressers 2005-01-10 17:29:52 UTC

This issue should also affect FC2.

Note You need to log in before you can comment on or make changes to this bug.