CVE-2015-8327

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.
References
Link Resource
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS Vendor Advisory
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html
http://rhn.redhat.com/errata/RHSA-2016-0491.html
http://www.debian.org/security/2015/dsa-3411
http://www.debian.org/security/2015/dsa-3429
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/78524
http://www.ubuntu.com/usn/USN-2831-1
http://www.ubuntu.com/usn/USN-2831-2
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886
https://lists.debian.org/debian-printing/2015/11/msg00020.html
https://lists.debian.org/debian-printing/2015/12/msg00001.html
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS Vendor Advisory
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406
http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html
http://rhn.redhat.com/errata/RHSA-2016-0491.html
http://www.debian.org/security/2015/dsa-3411
http://www.debian.org/security/2015/dsa-3429
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/78524
http://www.ubuntu.com/usn/USN-2831-1
http://www.ubuntu.com/usn/USN-2831-2
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886
https://lists.debian.org/debian-printing/2015/11/msg00020.html
https://lists.debian.org/debian-printing/2015/12/msg00001.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.10:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.11:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.12:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.13:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.14:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.15:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.16:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:foomatic-filters:4.0.17:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:linuxfoundation:cups-filters:1.0.42:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.43:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.44:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.45:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.46:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.47:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.48:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.49:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.50:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.51:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.52:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.53:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.54:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.55:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.56:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.57:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.58:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.59:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.60:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.61:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.62:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.63:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.64:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.65:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.66:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.67:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.68:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.69:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.70:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.71:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.72:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.73:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.74:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.75:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.0.76:*:*:*:*:*:*:*
cpe:2.3:a:linuxfoundation:cups-filters:1.1.0:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

History

21 Nov 2024, 02:38

Type Values Removed Values Added
References () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS - Vendor Advisory () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWS - Vendor Advisory
References () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406 - () http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7406 -
References () http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html - () http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html -
References () http://rhn.redhat.com/errata/RHSA-2016-0491.html - () http://rhn.redhat.com/errata/RHSA-2016-0491.html -
References () http://www.debian.org/security/2015/dsa-3411 - () http://www.debian.org/security/2015/dsa-3411 -
References () http://www.debian.org/security/2015/dsa-3429 - () http://www.debian.org/security/2015/dsa-3429 -
References () http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html - () http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html -
References () http://www.securityfocus.com/bid/78524 - () http://www.securityfocus.com/bid/78524 -
References () http://www.ubuntu.com/usn/USN-2831-1 - () http://www.ubuntu.com/usn/USN-2831-1 -
References () http://www.ubuntu.com/usn/USN-2831-2 - () http://www.ubuntu.com/usn/USN-2831-2 -
References () https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886 - () https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806886 -
References () https://lists.debian.org/debian-printing/2015/11/msg00020.html - () https://lists.debian.org/debian-printing/2015/11/msg00020.html -
References () https://lists.debian.org/debian-printing/2015/12/msg00001.html - () https://lists.debian.org/debian-printing/2015/12/msg00001.html -

Information

Published : 2015-12-17 19:59

Updated : 2024-11-21 02:38


NVD link : CVE-2015-8327

Mitre link : CVE-2015-8327

CVE.ORG link : CVE-2015-8327


JSON object : View

Products Affected

redhat

  • enterprise_linux_server
  • enterprise_linux_server_eus
  • enterprise_linux_desktop
  • enterprise_linux_hpc_node
  • enterprise_linux_workstation

linuxfoundation

  • cups-filters
  • foomatic-filters

canonical

  • ubuntu_linux

debian

  • debian_linux