CVE-2001-1593
CVSS2.1
发布时间 :2014-04-05 17:55:06
修订时间 :2014-04-30 21:20:51
NMP    

[原文]The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.


[CNNVD]CNNVD数据暂缺。


[机译]Please help Google Translate improve quality for your language

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-59 [在文件访问前对链接解析不恰当(链接跟随)]

- CPE (受影响的平台与产品)

cpe:/a:gnu:a2ps:4.13bGNU a2ps 4.13b
cpe:/a:gnu:a2ps:4.10.3
cpe:/a:gnu:a2ps:4.10.4
cpe:/a:gnu:a2ps:4.14
cpe:/a:gnu:a2ps:4.13GNU a2ps 4.13
cpe:/a:gnu:a2ps:4.12

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1593
(官方数据源) NVD

- 其它链接及资源

https://bugzilla.redhat.com/show_bug.cgi?id=1060630
(UNKNOWN)  CONFIRM  https://bugzilla.redhat.com/show_bug.cgi?id=1060630
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737385
(UNKNOWN)  CONFIRM  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737385
http://www.debian.org/security/2014/dsa-2892
(UNKNOWN)  DEBIAN  DSA-2892
http://seclists.org/oss-sec/2014/q1/257
(UNKNOWN)  MLIST  [oss-security] 20140205 Re: CVE request: a2ps insecure temporary file use
http://seclists.org/oss-sec/2014/q1/253
(UNKNOWN)  MLIST  [oss-security] 20140204 Re: CVE request: a2ps insecure temporary file use
http://seclists.org/oss-sec/2014/q1/237
(UNKNOWN)  MLIST  [oss-security] 20140205 Re: CVE request: a2ps insecure temporary file use
http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch
(UNKNOWN)  CONFIRM  http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch

- 漏洞信息 (F125969)

Debian Security Advisory 2892-1 (PacketStormID:F125969)
2014-04-01 00:00:00
Debian  debian.org
advisory,vulnerability
linux,debian
CVE-2001-1593,CVE-2014-0466
[点击下载]

Debian Linux Security Advisory 2892-1 - Several vulnerabilities have been found in a2ps, an 'Anything to PostScript' converter and pretty-printer.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2892-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
March 31, 2014                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : a2ps
CVE ID         : CVE-2001-1593 CVE-2014-0466
Debian Bug     : 737385 742902

Several vulnerabilities have been found in a2ps, an 'Anything to
PostScript' converter and pretty-printer. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2001-1593

    The spy_user function which is called when a2ps is invoked with the
    --debug flag insecurely used temporary files.

CVE-2014-0466

    Brian M. Carlson reported that a2ps's fixps script does not invoke
    gs with the -dSAFER option. Consequently executing fixps on a
    malicious PostScript file could result in files being deleted or
    arbitrary commands being executed with the privileges of the user
    running fixps.

For the oldstable distribution (squeeze), these problems have been fixed
in version 1:4.14-1.1+deb6u1.

For the stable distribution (wheezy), these problems have been fixed in
version 1:4.14-1.1+deb7u1.

For the testing distribution (jessie) and the unstable distribution
(sid), these problems will be fixed soon.

We recommend that you upgrade your a2ps packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJTObeuAAoJEAVMuPMTQ89EBqYQAJgxKiy7rdpDuREQT1P+qfKU
1N6HSTM64JofXmqbhnvzl3OZilVNDmBBz5X2d2AECMirEh3Pua5LuTsnsrvoxwya
39YA6OcDjbvYyKcOzK224PdavHXbDB/2vGtH0ZD8eVQs13CCaqTrAOMS7XlvJH/7
i+0vk+K6Lte4VaJejcEwONZFyU3OpYS6Mv4Cg3XBCofmc1aoa7MWTvrc9Hb6I6W1
ZmGN/+PdfkEzcD9E05MCXkED5MQ37sDUveGtsYR2zUGwYCNvXtRz1XHjZrH0MpAT
Gr7wD+P+43W9U/zxx6JZCotTbm6Pf/1JLiMkNNFifN2b1I4gsc50sJHi4FKWZPuH
3xAGn2r7LpyS64YfIpZpeDL8HimUvJ1X61F+ps10eR5r3+ie8Mqh02GsjHSBiuCe
v1Bd7jO+UfVbMiiRMusZbWuyKwVBFmTMg6W/IDydNbFxPomOHoCu7+iThuWFsBK+
to5gHf7KVe296avCSTsArNu6wtZvb3bk1pn0cP2goHA8xLR6N3Wq8P4O0sGHi7gY
85i3YG9DqPbwX4Rn5BGJ1wldvan+pkyGZWy4YeIYDQFmFq4afwgzBsKMgKKY+/5z
8XjLs/6jZeYMJgZA/8AKkAJ80S2AZFcecEzbCHHZ88MDcNF18/8iQHPADC8qoi2d
pV4efGOmVB4tEc/WK6vd
=tDck
-----END PGP SIGNATURE-----
    
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站