Уязвимость CVE-2008-5718: Информация

Описание

The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.

Важность: CRITICAL (9,3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2008-5718
Опубликовано: 26 декабря 2008 г.
Изменено: 2 апреля 2009 г.
Идентификатор типа ошибки: CWE-78

Исправленные пакеты

Имя пакета
Ветка
Исправлено в версии
Версия в репозитории
Errata ID
№ Задания
Состояние
netatalkp103.1.13-alt13.1.17-alt1ALT-PU-2023-1957-2322322Исправлено
netatalkc10f13.1.13-alt13.1.17-alt1ALT-PU-2023-5152-3327862Исправлено

Ссылки на рекомендации, решения и инструменты

Ссылка
Ресурс
http://sourceforge.net/project/shownotes.php?release_id=648189
    50824
      33227
      • Vendor Advisory
      [oss-security] 20090114 update on CVE-2008-5718
        33548
        • Vendor Advisory
        DSA-1705
        • Patch
        32925
        • Patch
        SUSE-SR:2009:004
          34484
          • Vendor Advisory
          FEDORA-2009-3064
            FEDORA-2009-3069

                1. Конфигурация 1

                  cpe:2.3:a:netatalk:netatalk:1.5pre5:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5.0:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0.1:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5pre4:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0:alpha2:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0:rc1:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0.2:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.6.2:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.6.4a:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.4.99-0.20001108:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5:rc2:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.6.1:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*
                  End including
                  2.0.3
                  cpe:2.3:a:netatalk:netatalk:2.0:rc2:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5.1:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.6.0:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5pre3:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0:beta1:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5.3.1:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5pre6:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0:beta2:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.6.3:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5pre8:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0.0:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5.2:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.6.4:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5.1.1:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5pre7:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5.5:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.5:rc1:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:1.4.99-0.20000927:*:*:*:*:*:*:*
                  cpe:2.3:a:netatalk:netatalk:2.0:alpha1:*:*:*:*:*:*
              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
              Версия: v24.4.2
              Наверх