[gentoo-announce] [ GLSA 200409-24 ] Foomatic: Arbitrary command execution in foomatic-rip filter - gentoo-announce

From:	"Joshua J. Berry" <condordes@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200409-24 ] Foomatic: Arbitrary command execution in foomatic-rip filter
Date:	Mon, 20 Sep 2004 15:02:39
Message-Id:	`20040920150106.GA5401@deneb.condordes.net`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200409-24

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: High

8

     Title: Foomatic: Arbitrary command execution in foomatic-rip

9

            filter

10

      Date: September 20, 2004

11

      Bugs: #64166

12

        ID: 200409-24

13

14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

15

16

Synopsis

17

========

18

19

The foomatic-rip filter in foomatic-filters contains a vulnerability

20

which may allow arbitrary command execution on the print server.

21

22

Background

23

==========

24

25

Foomatic is a system for connecting printer drivers with spooler

26

systems such as CUPS and LPD. The foomatic-filters package contains

27

wrapper scripts which are designed to be used with Foomatic.

28

29

Affected packages

30

=================

31

32

    -------------------------------------------------------------------

33

     Package                     /  Vulnerable  /           Unaffected

34

    -------------------------------------------------------------------

35

  1  net-print/foomatic              <= 3.0.1                 >= 3.0.2

36

  2  net-print/foomatic-filters      <= 3.0.1                 >= 3.0.2

37

    -------------------------------------------------------------------

38

     2 affected packages on all of their supported architectures.

39

    -------------------------------------------------------------------

40

41

Description

42

===========

43

44

There is a vulnerability in the foomatic-filters package. This

45

vulnerability is due to insufficient checking of command-line

46

parameters and environment variables in the foomatic-rip filter.

47

48

Impact

49

======

50

51

This vulnerability may allow both local and remote attackers to execute

52

arbitrary commands on the print server with the permissions of the

53

spooler (oftentimes the "lp" user).

54

55

Workaround

56

==========

57

58

There is no known workaround at this time.

59

60

Resolution

61

==========

62

63

All foomatic users should upgrade to the latest version:

64

65

    # emerge sync

66

67

    # emerge -pv ">=net-print/foomatic-3.0.2"

68

    # emerge ">=net-print/foomatic-3.0.2"

69

70

PLEASE NOTE: You should update foomatic, instead of foomatic-filters.

71

This will help to ensure that all other foomatic components remain

72

functional.

73

74

References

75

==========

76

77

  [ 1 ] Foomatic Announcement

78

        http://www.linuxprinting.org/pipermail/foomatic-devel/2004q3/001996.html

79

  [ 2 ] Mandrakesoft Security Advisory

80

        http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094

81

  [ 3 ] CAN 2004-0801

82

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0801

83

84

Availability

85

============

86

87

This GLSA and any updates to it are available for viewing at

88

the Gentoo Security Website:

89

90

  http://security.gentoo.org/glsa/glsa-200409-24.xml

91

92

Concerns?

93

=========

94

95

Security is a primary focus of Gentoo Linux and ensuring the

96

confidentiality and security of our users machines is of utmost

97

importance to us. Any security concerns should be addressed to

98

security@g.o or alternatively, you may file a bug at

99

http://bugs.gentoo.org.

100

101

License

102

=======

103

104

Copyright 2004 Gentoo Foundation, Inc; referenced text

105

belongs to its owner(s).

106

107

The contents of this document are licensed under the

108

Creative Commons - Attribution / Share Alike license.

109

110

http://creativecommons.org/licenses/by-sa/1.0

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200409-24
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: High
8	Title: Foomatic: Arbitrary command execution in foomatic-rip
9	filter
10	Date: September 20, 2004
11	Bugs: #64166
12	ID: 200409-24
13
14	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16	Synopsis
17	========
18
19	The foomatic-rip filter in foomatic-filters contains a vulnerability
20	which may allow arbitrary command execution on the print server.
21
22	Background
23	==========
24
25	Foomatic is a system for connecting printer drivers with spooler
26	systems such as CUPS and LPD. The foomatic-filters package contains
27	wrapper scripts which are designed to be used with Foomatic.
28
29	Affected packages
30	=================
31
32	-------------------------------------------------------------------
33	Package / Vulnerable / Unaffected
34	-------------------------------------------------------------------
35	1 net-print/foomatic <= 3.0.1 >= 3.0.2
36	2 net-print/foomatic-filters <= 3.0.1 >= 3.0.2
37	-------------------------------------------------------------------
38	2 affected packages on all of their supported architectures.
39	-------------------------------------------------------------------
40
41	Description
42	===========
43
44	There is a vulnerability in the foomatic-filters package. This
45	vulnerability is due to insufficient checking of command-line
46	parameters and environment variables in the foomatic-rip filter.
47
48	Impact
49	======
50
51	This vulnerability may allow both local and remote attackers to execute
52	arbitrary commands on the print server with the permissions of the
53	spooler (oftentimes the "lp" user).
54
55	Workaround
56	==========
57
58	There is no known workaround at this time.
59
60	Resolution
61	==========
62
63	All foomatic users should upgrade to the latest version:
64
65	# emerge sync
66
67	# emerge -pv ">=net-print/foomatic-3.0.2"
68	# emerge ">=net-print/foomatic-3.0.2"
69
70	PLEASE NOTE: You should update foomatic, instead of foomatic-filters.
71	This will help to ensure that all other foomatic components remain
72	functional.
73
74	References
75	==========
76
77	[ 1 ] Foomatic Announcement
78	http://www.linuxprinting.org/pipermail/foomatic-devel/2004q3/001996.html
79	[ 2 ] Mandrakesoft Security Advisory
80	http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094
81	[ 3 ] CAN 2004-0801
82	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0801
83
84	Availability
85	============
86
87	This GLSA and any updates to it are available for viewing at
88	the Gentoo Security Website:
89
90	http://security.gentoo.org/glsa/glsa-200409-24.xml
91
92	Concerns?
93	=========
94
95	Security is a primary focus of Gentoo Linux and ensuring the
96	confidentiality and security of our users machines is of utmost
97	importance to us. Any security concerns should be addressed to
98	security@g.o or alternatively, you may file a bug at
99	http://bugs.gentoo.org.
100
101	License
102	=======
103
104	Copyright 2004 Gentoo Foundation, Inc; referenced text
105	belongs to its owner(s).
106
107	The contents of this document are licensed under the
108	Creative Commons - Attribution / Share Alike license.
109
110	http://creativecommons.org/licenses/by-sa/1.0

Gentoo Archives: gentoo-announce