GNU a2ps File Name Command Execution Vulnerability

Reportedly GNU a2ps is affected by a filename command-execution vulnerability. This issue is due to the application's failure to properly sanitize filenames.

An attacker might leverage this issue to execute arbitrary shell commands with the privileges of an unsuspecting user running the vulnerable application.

Although this issue reportedly affects only a2ps version 4.13, other versions are likely affected as well.


 

Privacy Statement
Copyright 2010, SecurityFocus