oss-sec mailing list archives
CVE Request: foomatic-gui
From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Wed, 03 Aug 2011 09:13:00 -0400
Hello, foomatic-gui improperly escapes certain hostnames, resulting in a remote arbitrary command execution vulnerability. Ref.: https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119 http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3 http://packages.debian.org/changelogs/pool/main/f/foomatic-gui/foomatic-gui_0.7.9.5/changelog Could a CVE please be assigned to this issue? Thanks, Marc. -- Marc Deslauriers Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Current thread:
- CVE Request: foomatic-gui Marc Deslauriers (Aug 03)
- Re: CVE Request: foomatic-gui Tim Waugh (Aug 03)
- Re: CVE Request: foomatic-gui Josh Bressers (Aug 03)
- Re: CVE Request: foomatic-gui dave bl (Aug 04)
- Re: CVE Request: foomatic-gui Henri Salo (Aug 04)
- Re: CVE Request: foomatic-gui Tim Waugh (Aug 04)
- Re: CVE Request: foomatic-gui Josh Bressers (Aug 04)
- Re: CVE Request: foomatic-gui Tim Waugh (Aug 05)
- Re: CVE Request: foomatic-gui dave bl (Aug 05)
- Re: CVE Request: foomatic-gui Huzaifa Sidhpurwala (Aug 11)
- Re: CVE Request: foomatic-gui dave bl (Aug 04)