oss-sec mailing list archives
Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data
From: "Steven M. Christey" <coley () rcf-smtp mitre org>
Date: Mon, 15 Aug 2011 14:02:21 -0400 (EDT)
This was a strange one. Since it's pretty clear there are two implementations (due to 2 different languages, and 2 upstream maintainers), we treated these as separate codebases and went with two separate CVEs. (You could argue this was the same core design problem, but this issue wasn't due to a protocol that required such behavior.)
See below. - Steve ====================================================== Name: CVE-2011-2697 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697 Reference: MLIST:[oss-security] 20110713 CVE Request: hplip/foomatic-filters Reference: URL:http://www.openwall.com/lists/oss-security/2011/07/13/3 Reference: MLIST:[oss-security] 20110718 Re: CVE Request: hplip/foomatic-filters Reference: URL:http://www.openwall.com/lists/oss-security/2011/07/18/3 Reference: MLIST:[oss-security] 20110728 Re: CVE Request: hplip/foomatic-filters Reference: URL:http://www.openwall.com/lists/oss-security/2011/07/28/1 Reference: CONFIRM:https://bugzilla.novell.com/show_bug.cgi?id=698451 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=721001 Reference: XF:hplinuxprinting-foomaticriphplip-code-exec(68993) Reference: URL:http://xforce.iss.net/xforce/xfdb/68993 foomatic-rip-hplip in HP Linux Imaging and Printing (HPLIP) 3.11.5 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file. ====================================================== Name: CVE-2011-2964 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964 Reference: MLIST:[oss-security] 20110713 CVE Request: hplip/foomatic-filters Reference: URL:http://www.openwall.com/lists/oss-security/2011/07/13/3 Reference: MLIST:[oss-security] 20110718 Re: CVE Request: hplip/foomatic-filters Reference: URL:http://www.openwall.com/lists/oss-security/2011/07/18/3 Reference: MLIST:[oss-security] 20110728 Re: CVE Request: hplip/foomatic-filters Reference: URL:http://www.openwall.com/lists/oss-security/2011/07/28/1 Reference: CONFIRM:https://bugzilla.novell.com/show_bug.cgi?id=698451 Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=721001 Reference: REDHAT:RHSA-2011:1110 Reference: URL:http://www.redhat.com/support/errata/RHSA-2011-1110.html Reference: XF:foomatic-foomatic-code-execution(68994) Reference: URL:http://xforce.iss.net/xforce/xfdb/68994 foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.
Current thread:
- CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Jan Lieskovsky (Jul 28)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Josh Bressers (Jul 29)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Huzaifa Sidhpurwala (Aug 14)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Steven M. Christey (Aug 15)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Huzaifa Sidhpurwala (Aug 14)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Josh Bressers (Aug 17)
- Re: CVE Request -- foomatic (foomatic-filters): foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data Josh Bressers (Jul 29)