Debian DLA-371-1 : foomatic-filters security update

high Nessus Plugin ID 87508

Language:

Synopsis

The remote Debian host is missing a security update.

Description

Adam Chester discovered that there was an injection vulnerability in foomatic-filters which is used by printer spoolers to convert incoming PostScript data into the printer's native format. This could lead to the execution of arbitrary commands.

The patch applied in DLA 365-1 prevented usage of (unescaped) backticks and this update complements the previous update by doing the same for semi-colons.

For Debian 6 Squeeze, this issue has been fixed in foomatic-filters version 4.0.5-6+squeeze2+deb6u12.

(Thanks to Yann Soubeyrand who prepared the updated Debian package)

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Upgrade the affected foomatic-filters package.

Plugin Details

Severity: High

ID: 87508

File Name: debian_DLA-371.nasl

Version: 2.11

Type: local

Agent: unix

Family: Debian Local Security Checks

Published: 12/21/2015

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:foomatic-filters, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 12/18/2015

Reference Information

CVE: CVE-2015-8560

Detections

Analytics