Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Gentoo: GLSA-200812-02 Normal: Enscrip Arbitrary Code Execution Threat

gentoo
Calendar Grey December 2, 2008
Dist Gentoo Esm H88
Mitigating stack overflow vulnerabilities in enscript is crucial to prevent untrusted code execution on Gentoo installations. Prompt patching is advised.
Two buffer overflows in enscript might lead to the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200812-02 https://security.gentoo.org/ Severity: Normal Title: enscript: User-assisted execution of arbitrary code Date: December 02, 2008 Bugs: #243228 ID: 200812-02

Synopsis ======= Two buffer overflows in enscript might lead to the execution of arbitrary code.
Background ========= enscript is a powerful ASCII to PostScript file converter.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/enscript < 1.6.4-r4 >= 1.6.4-r4
========== Two stack-based buffer overflows in the read_special_escape() function in src/psgen.c have been reported. Ulf Harnhammar of Secunia Research discovered a vulnerability related to the "setf...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo buffer overflow software update enscript arbitrary code normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo buffer overflow software update enscript arbitrary code normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here