diff options
| author | miwi <miwi@FreeBSD.org> | 2009-03-19 00:18:57 +0800 |
|---|---|---|
| committer | miwi <miwi@FreeBSD.org> | 2009-03-19 00:18:57 +0800 |
| commit | 5d7ff0545bde166a5a357a3c750324aca25e9007 (patch) | |
| tree | d36da1367a5da14db06ac49395a2489cb48aa2a3 /security/vuxml | |
| parent | 425e0882da3aee903eaeb27ec38afdad95cb52a9 (diff) | |
| download | freebsd-ports-graphics-5d7ff0545bde166a5a357a3c750324aca25e9007.tar.gz freebsd-ports-graphics-5d7ff0545bde166a5a357a3c750324aca25e9007.tar.zst freebsd-ports-graphics-5d7ff0545bde166a5a357a3c750324aca25e9007.zip | |
- Added more references to the netatalk
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 370869f6b7a..63dc8eb561b 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -50,7 +50,7 @@ Note: Please add new entries to the beginning of this file. can be exploited by malicious users to compromise a vulnerable system.</p> <p>The vulnerability is caused due to the papd daemon improperly sanitising several received parameters before passing them in a call - to "popen()". This can be exploited to execute arbitrary commands via + to popen(). This can be exploited to execute arbitrary commands via a specially crafted printing request.</p> <p>Successful exploitation requires that a printer is configured to pass arbitrary values as parameters to a piped command.</p> @@ -58,12 +58,15 @@ Note: Please add new entries to the beginning of this file. </body> </description> <references> + <bid>32925</bid> <cvename>CVE-2008-5718</cvename> <url>http://secunia.com/advisories/33227/</url> + <url>http://www.openwall.com/lists/oss-security/2009/01/13/3</url> </references> <dates> <discovery>2008-12-19</discovery> <entry>2009-03-18</entry> + <modified>2009-03-18</modified> </dates> </vuln> |