The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enscript | Gnu | 1.4 | 1.4 |
Enscript | Gnu | 1.5 | 1.5 |
Enscript | Gnu | 1.6 | 1.6 |
Enscript | Gnu | 1.6.1 | 1.6.1 |
Enscript | Gnu | 1.6.2 | 1.6.2 |
Enscript | Gnu | 1.6.3 | 1.6.3 |
Enscript | Gnu | 1.6.4 | 1.6.4 |
Propack | Sgi | 3.0 | 3.0 |
Red Hat Enterprise Linux 3 | RedHat | enscript-0:1.6.1-24.4 | * |
Red Hat Enterprise Linux 4 | RedHat | enscript-0:1.6.1-28.3 | * |
Enscript | Ubuntu | dapper | * |
Enscript | Ubuntu | devel | * |
Enscript | Ubuntu | edgy | * |
Enscript | Ubuntu | feisty | * |