MDKSA-2005:033

Package name

enscript

Date

2005-02-10

Advisory ID

MDKSA-2005:033

Affected versions

CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problem description

A vulnerability in the enscript program's handling of the epsf command used to insert inline EPS file into a document was found. An attacker could create a carefully crafted ASCII file which would make used of the epsf pipe command in such a way that it could execute arbitrary commands if the file was opened with enscript (CAN-2004-1184). Additionally, flaws were found in enscript that could be abused by executing enscript with carefully crafted command-line arguments. These flaws only have a security impact if enscript is executed by other programs and passed untrusted data from remote users (CAN-2004-1185 and CAN-2004-1186). The updated packages have been patched to prevent these problems.

Updated packages

CS2.1 x86_64

 633c80cff58745b0a1e907103267aed5  x86_64/corporate/2.1/RPMS/enscript-1.6.3-1.1.C21mdk.x86_64.rpm
155cc925d6139bbd27272c2e7aab677f  x86_64/corporate/2.1/SRPMS/enscript-1.6.3-1.1.C21mdk.src.rpm

10.0 amd64

 f316e4e8b11dde6155ddca1517fa8954  amd64/10.0/RPMS/enscript-1.6.4-1.1.100mdk.amd64.rpm
1ca9b9369578bc27057366a9c0757671  amd64/10.0/SRPMS/enscript-1.6.4-1.1.100mdk.src.rpm

10.1 i586

 2454e55d7ac2edad3c5513a60fb6dbe0  10.1/RPMS/enscript-1.6.4-1.1.101mdk.i586.rpm
47a3782c9ed270eb92d418fac3f9b390  10.1/SRPMS/enscript-1.6.4-1.1.101mdk.src.rpm

10.0 i586

 f3eb5a56cf8e961908e9014306fd096a  10.0/RPMS/enscript-1.6.4-1.1.100mdk.i586.rpm
1ca9b9369578bc27057366a9c0757671  10.0/SRPMS/enscript-1.6.4-1.1.100mdk.src.rpm

CS3.0 x86_64

 2c6023e776b04c8ca7745e70ca8fe464  x86_64/corporate/3.0/RPMS/enscript-1.6.4-1.1.C30mdk.x86_64.rpm
4ec9da427f7db5e0d2e4cac21e07e2c3  x86_64/corporate/3.0/SRPMS/enscript-1.6.4-1.1.C30mdk.src.rpm

CS3.0 i586

 083cf4b5704f105f0aad21b82d3a2414  corporate/3.0/RPMS/enscript-1.6.4-1.1.C30mdk.i586.rpm
4ec9da427f7db5e0d2e4cac21e07e2c3  corporate/3.0/SRPMS/enscript-1.6.4-1.1.C30mdk.src.rpm

CS2.1 i586

 e14356e6a6bac0eb66a52bad164853b1  corporate/2.1/RPMS/enscript-1.6.3-1.1.C21mdk.i586.rpm
155cc925d6139bbd27272c2e7aab677f  corporate/2.1/SRPMS/enscript-1.6.3-1.1.C21mdk.src.rpm

10.1 x86_64

 9416aa90cf93d61755c815f9c38bac05  x86_64/10.1/RPMS/enscript-1.6.4-1.1.101mdk.x86_64.rpm
47a3782c9ed270eb92d418fac3f9b390  x86_64/10.1/SRPMS/enscript-1.6.4-1.1.101mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1184
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1185
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1186