CVE-2011-2899
Description
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.579
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2011:1196) Moderate: system-config-printer security update system-config-printer-0.7.32.10-1.el5_7.1.i386.rpm | Linux |
| (RHSA-2011:1196) Moderate: system-config-printer security update system-config-printer-0.7.32.10-1.el5_7.1.x86_64.rpm | Linux |
| (RHSA-2011:1196) Moderate: system-config-printer security update system-config-printer-libs-0.7.32.10-1.el5_7.1.i386.rpm | Linux |
| (RHSA-2011:1196) Moderate: system-config-printer security update system-config-printer-libs-0.7.32.10-1.el5_7.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234