blob: 496d7e1facf9f95a5bb5293d2d11f7b245cc17ff [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200409-24">
<title>Foomatic: Arbitrary command execution in foomatic-rip filter</title>
The foomatic-rip filter in foomatic-filters contains a vulnerability which
may allow arbitrary command execution on the print server.
<product type="ebuild">foomatic</product>
<announced>September 20, 2004</announced>
<revised>September 20, 2004: 01</revised>
<package name="net-print/foomatic" auto="yes" arch="*">
<unaffected range="ge">3.0.2</unaffected>
<vulnerable range="le">3.0.1</vulnerable>
<package name="net-print/foomatic-filters" auto="yes" arch="*">
<unaffected range="ge">3.0.2</unaffected>
<vulnerable range="le">3.0.1</vulnerable>
Foomatic is a system for connecting printer drivers with spooler systems
such as CUPS and LPD. The foomatic-filters package contains wrapper scripts
which are designed to be used with Foomatic.
There is a vulnerability in the foomatic-filters package. This
vulnerability is due to insufficient checking of command-line parameters
and environment variables in the foomatic-rip filter.
<impact type="high">
This vulnerability may allow both local and remote attackers to execute
arbitrary commands on the print server with the permissions of the spooler
(oftentimes the &quot;lp&quot; user).
There is no known workaround at this time.
All foomatic users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=net-print/foomatic-3.0.2"
# emerge ">=net-print/foomatic-3.0.2"</code>
PLEASE NOTE: You should update foomatic, instead of foomatic-filters. This
will help to ensure that all other foomatic components remain functional.
<uri link="">Foomatic Announcement</uri>
<uri link="">Mandrakesoft Security Advisory</uri>
<uri link="">CAN 2004-0801</uri>
<metadata tag="submitter" timestamp="Thu, 16 Sep 2004 17:39:12 +0000">
<metadata tag="bugReady" timestamp="Mon, 20 Sep 2004 01:02:29 +0000">