Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: foomatic-gui
From: Josh Bressers <bressers () redhat com>
Date: Wed, 3 Aug 2011 16:45:42 -0400 (EDT)

Please use CVE-2011-2899

Thanks.

-- 
    JB

----- Original Message -----
Hello,

foomatic-gui improperly escapes certain hostnames, resulting in a
remote
arbitrary command execution vulnerability.

Ref.:
https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119
http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3
http://packages.debian.org/changelogs/pool/main/f/foomatic-gui/foomatic-gui_0.7.9.5/changelog

Could a CVE please be assigned to this issue?

Thanks,

Marc.


--
Marc Deslauriers
Ubuntu Security Engineer | http://www.ubuntu.com/
Canonical Ltd. | http://www.canonical.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault