Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA192] DSA-192-1 html2ps


Vulnerability Assessment Details

[DSA192] DSA-192-1 html2ps

Vulnerability Assessment Summary
DSA-192-1 html2ps

Detailed Explanation for this Vulnerability Assessment

The SuSE Security Team found a vulnerability in html2ps, an HTML to
PostScript converter, that opened files based on unsanitized input
insecurely. This problem can be exploited when html2ps is installed
as filter within lprng and the attacker has previously gained access
to the lp account.
These problems have been fixed in version 1.0b3-1.1 for the current
stable distribution (woody), in version 1.0b1-8.1 for the old stable
distribution (potato) and in version 1.0b3-2 for the unstable
distribution (sid).
We recommend that you upgrade your html2ps package.


Solution : http://www.debian.org/security/2002/dsa-192
Network Security Threat Level: High

Networks Security ID: 6079

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

Lantronix MSS-100 Fast Ethernet Micro Serial Server With Power Supply Free S/H
$29.95
Lantronix MSS-100 Fast Ethernet Micro Serial Server With Power Supply Free S/H  pictureWINTEC 1GB Super Micro Server Memory PC2-3200/1G/E/R DDR2 REG ECC Memory
$10.0
WINTEC 1GB Super Micro Server Memory PC2-3200/1G/E/R DDR2 REG ECC Memory pictureOMEGA iSERVER Micro Server with Probe
$100.0
OMEGA iSERVER Micro Server with Probe pictureHP Proliant MicroServer Turion II Neo N40L Dual-Core 1.5GHz, 4GB, w/4x HDD
$189.0
HP Proliant MicroServer Turion II Neo N40L Dual-Core 1.5GHz, 4GB, w/4x HDD picture


Discussions

No Discussions have been posted on this vulnerability.