FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
72cba7b0-13cd-11de-a964-0030843d3802netatalk -- arbitrary command execution in papd daemon

Secunia reports:

A vulnerability has been reported in Netatalk, which potentially can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused due to the papd daemon improperly sanitising several received parameters before passing them in a call to popen(). This can be exploited to execute arbitrary commands via a specially crafted printing request.

Successful exploitation requires that a printer is configured to pass arbitrary values as parameters to a piped command.


Discovery 2008-12-19
Entry 2009-03-18
Modified 2009-03-18
netatalk
< 2.0.3_5,1

32925
CVE-2008-5718
http://secunia.com/advisories/33227/
http://www.openwall.com/lists/oss-security/2009/01/13/3