netatalk shell characters vulnerabilities updated since 18.01.2009
Published:		01.02.2009
Source:		BUGTRAQ
SecurityVulns ID:		9596
Type:		remote
Level:		5/10
Description:		Shell characters vulnerability on PostScript print jobs processing.

Affected:		NETATALK : netatalk 2.0
CVE:		CVE-2008-5718 (The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.)

Original document		DEBIAN, [SECURITY] [DSA 1704-2] Updated netatalk packages fix denial of service (01.02.2009)
		DEBIAN, [SECURITY] [DSA 1705-1] New netatalk packages fix arbitrary code execution (18.01.2009)

Discuss:

Read or add your comments to this news (0 comments)