a2ps 4.13 - security issue

bug-a2ps

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

a2ps 4.13 - security issue

From:	K. K. Tam
Subject:	a2ps 4.13 - security issue
Date:	Fri, 03 Dec 2004 23:12:12 +0800
User-agent:	Mozilla Thunderbird 1.0RC1 (Windows/20041201)

Hi,

I've learned from SUN security alerts (ID 57649) that a2ps has afilename vulnerability that may allow a local unprivileged user toexecute arbitrary code. I wonder if this is correct for version 4.13.If yes, will you release a patch on the sources (v4.13 or v4.13b) soon?

We have a port on Solaris 9 from sources of version 4.13. Lately wehave one of the system being compromised and suspect "a2ps" might be oneof the plausible cause after reviewing all relevant operating systempatches.


Thanks in advance.


Regards,
K. K. Tam
Information Technology Services Center
Hong Kong University of Science & Technology

[Prev in Thread]

Current Thread

[Next in Thread]

a2ps 4.13 - security issue, K. K. Tam <=

Prev by Date: little bottle eliminates photo cops - creedal aberdeen
Next by Date: (no subject)
Previous by thread: little bottle eliminates photo cops - creedal aberdeen
Next by thread: (no subject)
Index(es):
- Date
- Thread