Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for foomatic (EulerOS-SA-2019-2412)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.2.2019.2412

Categoría: Huawei EulerOS Local Security Checks

Título: Huawei EulerOS: Security Advisory for foomatic (EulerOS-SA-2019-2412)

Resumen: The remote host is missing an update for the Huawei EulerOS 'foomatic' package(s) announced via the EulerOS-SA-2019-2412 advisory.

Descripción: Summary:
The remote host is missing an update for the Huawei EulerOS 'foomatic' package(s) announced via the EulerOS-SA-2019-2412 advisory.

Vulnerability Insight:
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.(CVE-2015-8327)

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a semicolon character in a print job, a different vulnerability than CVE-2015-8327.(CVE-2015-8560)

Affected Software/OS:
'foomatic' package(s) on Huawei EulerOS V2.0SP2.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-8327
BugTraq ID: 78524
http://www.securityfocus.com/bid/78524
Debian Security Information: DSA-3411 (Google Search)
http://www.debian.org/security/2015/dsa-3411
Debian Security Information: DSA-3429 (Google Search)
http://www.debian.org/security/2015/dsa-3429
https://lists.debian.org/debian-printing/2015/11/msg00020.html
https://lists.debian.org/debian-printing/2015/12/msg00001.html
RedHat Security Advisories: RHSA-2016:0491
http://rhn.redhat.com/errata/RHSA-2016-0491.html
SuSE Security Announcement: openSUSE-SU-2016:0179 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html
http://www.ubuntu.com/usn/USN-2831-1
http://www.ubuntu.com/usn/USN-2831-2
Common Vulnerability Exposure (CVE) ID: CVE-2015-8560
Debian Security Information: DSA-3419 (Google Search)
http://www.debian.org/security/2015/dsa-3419
http://www.openwall.com/lists/oss-security/2015/12/13/2
http://www.openwall.com/lists/oss-security/2015/12/14/13
http://www.ubuntu.com/usn/USN-2838-1
http://www.ubuntu.com/usn/USN-2838-2

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.2.2019.2412
Categoría:	Huawei EulerOS Local Security Checks
Título:	Huawei EulerOS: Security Advisory for foomatic (EulerOS-SA-2019-2412)
Resumen:	The remote host is missing an update for the Huawei EulerOS 'foomatic' package(s) announced via the EulerOS-SA-2019-2412 advisory.
Descripción:	Summary: The remote host is missing an update for the Huawei EulerOS 'foomatic' package(s) announced via the EulerOS-SA-2019-2412 advisory. Vulnerability Insight: Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` (backtick) characters in a print job.(CVE-2015-8327) Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a semicolon character in a print job, a different vulnerability than CVE-2015-8327.(CVE-2015-8560) Affected Software/OS: 'foomatic' package(s) on Huawei EulerOS V2.0SP2. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8327 BugTraq ID: 78524 http://www.securityfocus.com/bid/78524 Debian Security Information: DSA-3411 (Google Search) http://www.debian.org/security/2015/dsa-3411 Debian Security Information: DSA-3429 (Google Search) http://www.debian.org/security/2015/dsa-3429 https://lists.debian.org/debian-printing/2015/11/msg00020.html https://lists.debian.org/debian-printing/2015/12/msg00001.html RedHat Security Advisories: RHSA-2016:0491 http://rhn.redhat.com/errata/RHSA-2016-0491.html SuSE Security Announcement: openSUSE-SU-2016:0179 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00065.html http://www.ubuntu.com/usn/USN-2831-1 http://www.ubuntu.com/usn/USN-2831-2 Common Vulnerability Exposure (CVE) ID: CVE-2015-8560 Debian Security Information: DSA-3419 (Google Search) http://www.debian.org/security/2015/dsa-3419 http://www.openwall.com/lists/oss-security/2015/12/13/2 http://www.openwall.com/lists/oss-security/2015/12/14/13 http://www.ubuntu.com/usn/USN-2838-1 http://www.ubuntu.com/usn/USN-2838-2
Copyright	Copyright (C) 2020 Greenbone Networks GmbH