Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24767

HistoryApr 10, 2020 - 1:03 a.m.

Arbitrary Code Execution

2020-04-1001:03:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

16

EPSS

0.005

Percentile

77.1%

system-config-printer is vulnerable to arbitrary code execution. The vulnerability exists as it was found that system-config-printer did not properly sanitize NetBIOS and workgroup names when searching for network printers. A remote attacker could use this flaw to execute arbitrary code with the privileges of the user running system-config-printer.

References

cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch

secunia.com/advisories/45744

www.redhat.com/support/errata/RHSA-2011-1196.html

www.securitytracker.com/id?1025967

access.redhat.com/errata/RHSA-2011:1196

access.redhat.com/security/updates/classification/#moderate

bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119

bugzilla.redhat.com/show_bug.cgi?id=728348

EPSS

0.005

Percentile

77.1%

Related for VERACODE:24767

redhat1 nessus10 centos1 openvas12 cve1 oraclelinux1 prion1 debiancve1 cvelist1 nvd1 ubuntucve1