CVE-2004-1185

Current Description

Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.

Basic Data

PublishedJanuary 21, 2005
Last ModifiedOctober 19, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score7.5
SeverityHIGH
Exploitability Score10.0
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegetrue
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationGnuEnscript1.3.0*******
    2.3ApplicationGnuEnscript1.4.0*******
    2.3ApplicationGnuEnscript1.5.0*******
    2.3ApplicationGnuEnscript1.6.0*******
    2.3ApplicationGnuEnscript1.6.1*******
    2.3ApplicationGnuEnscript1.6.2*******
    2.3ApplicationGnuEnscript1.6.3*******

Vulnerable Software List

VendorProductVersions
Gnu Enscript 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.6.1, 1.6.2, 1.6.3

References

NameSourceURLTags
APPLE-SA-2009-05-12http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlAPPLE
35074http://secunia.com/advisories/35074SECUNIA
1012965http://securitytracker.com/id?1012965SECTRACK
http://support.apple.com/kb/HT3549http://support.apple.com/kb/HT3549CONFIRM
DSA-654http://www.debian.org/security/2005/dsa-654DEBIANPatch Vendor Advisory
GLSA-200502-03http://www.gentoo.org/security/en/glsa/glsa-200502-03.xmlGENTOOPatch
MDKSA-2005:033http://www.mandriva.com/security/advisories?name=MDKSA-2005:033MANDRAKE
RHSA-2005:040http://www.redhat.com/support/errata/RHSA-2005-040.htmlREDHAT
FLSA:152892http://www.securityfocus.com/archive/1/419768/100/0/threadedFEDORA
20060526 rPSA-2006-0083-1 enscripthttp://www.securityfocus.com/archive/1/435199/100/0/threadedBUGTRAQ
12329http://www.securityfocus.com/bid/12329BID
TA09-133Ahttp://www.us-cert.gov/cas/techalerts/TA09-133A.htmlCERTUS Government Resource
ADV-2009-1297http://www.vupen.com/english/advisories/2009/1297VUPEN
enscript-filename-command-execution(19029)https://exchange.xforce.ibmcloud.com/vulnerabilities/19029XF
oval:org.mitre.oval:def:10808https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808OVAL
USN-68-1https://usn.ubuntu.com/68-1/UBUNTU