The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enscript | Gnu | 1.4 (including) | 1.4 (including) |
Enscript | Gnu | 1.5 (including) | 1.5 (including) |
Enscript | Gnu | 1.6 (including) | 1.6 (including) |
Enscript | Gnu | 1.6.1 (including) | 1.6.1 (including) |
Enscript | Gnu | 1.6.2 (including) | 1.6.2 (including) |
Enscript | Gnu | 1.6.3 (including) | 1.6.3 (including) |
Enscript | Gnu | 1.6.4 (including) | 1.6.4 (including) |
Propack | Sgi | 3.0 (including) | 3.0 (including) |
Enscript | Ubuntu | dapper | * |
Enscript | Ubuntu | devel | * |
Enscript | Ubuntu | edgy | * |
Enscript | Ubuntu | feisty | * |
Red Hat Enterprise Linux 3 | RedHat | enscript-0:1.6.1-24.4 | * |
Red Hat Enterprise Linux 4 | RedHat | enscript-0:1.6.1-28.3 | * |