Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2899

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2011-2899
Last Modified 15 Jun 2012 12:00:00
Published 31 Aug 2011 07:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-2899

Summary

pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.

Vulnerable Systems

Application

  • Redhat System-config-printer 0.6.0

  • Redhat System-config-printer 0.6.1

  • Redhat System-config-printer 0.6.10

  • Redhat System-config-printer 0.6.100

  • Redhat System-config-printer 0.6.101

  • Redhat System-config-printer 0.6.102

  • Redhat System-config-printer 0.6.103

  • Redhat System-config-printer 0.6.104

  • Redhat System-config-printer 0.6.105

  • Redhat System-config-printer 0.6.106

  • Redhat System-config-printer 0.6.107

  • Redhat System-config-printer 0.6.108

  • Redhat System-config-printer 0.6.109

  • Redhat System-config-printer 0.6.11

  • Redhat System-config-printer 0.6.110

  • Redhat System-config-printer 0.6.111

  • Redhat System-config-printer 0.6.112

  • Redhat System-config-printer 0.6.113

  • Redhat System-config-printer 0.6.114

  • Redhat System-config-printer 0.6.115

  • Redhat System-config-printer 0.6.116

  • Redhat System-config-printer 0.6.12

  • Redhat System-config-printer 0.6.13

  • Redhat System-config-printer 0.6.14

  • Redhat System-config-printer 0.6.15

  • Redhat System-config-printer 0.6.16

  • Redhat System-config-printer 0.6.17

  • Redhat System-config-printer 0.6.18

  • Redhat System-config-printer 0.6.19

  • Redhat System-config-printer 0.6.2

  • Redhat System-config-printer 0.6.20

  • Redhat System-config-printer 0.6.21

  • Redhat System-config-printer 0.6.22

  • Redhat System-config-printer 0.6.23

  • Redhat System-config-printer 0.6.24

  • Redhat System-config-printer 0.6.25

  • Redhat System-config-printer 0.6.26

  • Redhat System-config-printer 0.6.27

  • Redhat System-config-printer 0.6.28

  • Redhat System-config-printer 0.6.29

  • Redhat System-config-printer 0.6.3

  • Redhat System-config-printer 0.6.30

  • Redhat System-config-printer 0.6.31

  • Redhat System-config-printer 0.6.32

  • Redhat System-config-printer 0.6.33

  • Redhat System-config-printer 0.6.34

  • Redhat System-config-printer 0.6.35

  • Redhat System-config-printer 0.6.36

  • Redhat System-config-printer 0.6.37

  • Redhat System-config-printer 0.6.38

  • Redhat System-config-printer 0.6.39

  • Redhat System-config-printer 0.6.4

  • Redhat System-config-printer 0.6.40

  • Redhat System-config-printer 0.6.41

  • Redhat System-config-printer 0.6.42

  • Redhat System-config-printer 0.6.43

  • Redhat System-config-printer 0.6.44

  • Redhat System-config-printer 0.6.45

  • Redhat System-config-printer 0.6.46

  • Redhat System-config-printer 0.6.47

  • Redhat System-config-printer 0.6.48

  • Redhat System-config-printer 0.6.49

  • Redhat System-config-printer 0.6.5

  • Redhat System-config-printer 0.6.50

  • Redhat System-config-printer 0.6.51

  • Redhat System-config-printer 0.6.52

  • Redhat System-config-printer 0.6.53

  • Redhat System-config-printer 0.6.54

  • Redhat System-config-printer 0.6.55

  • Redhat System-config-printer 0.6.56

  • Redhat System-config-printer 0.6.57

  • Redhat System-config-printer 0.6.58

  • Redhat System-config-printer 0.6.59

  • Redhat System-config-printer 0.6.6

  • Redhat System-config-printer 0.6.60

  • Redhat System-config-printer 0.6.61

  • Redhat System-config-printer 0.6.62

  • Redhat System-config-printer 0.6.63

  • Redhat System-config-printer 0.6.64

  • Redhat System-config-printer 0.6.65

  • Redhat System-config-printer 0.6.66

  • Redhat System-config-printer 0.6.67

  • Redhat System-config-printer 0.6.68

  • Redhat System-config-printer 0.6.69

  • Redhat System-config-printer 0.6.7

  • Redhat System-config-printer 0.6.70

  • Redhat System-config-printer 0.6.71

  • Redhat System-config-printer 0.6.72

  • Redhat System-config-printer 0.6.73

  • Redhat System-config-printer 0.6.74

  • Redhat System-config-printer 0.6.75

  • Redhat System-config-printer 0.6.76

  • Redhat System-config-printer 0.6.77

  • Redhat System-config-printer 0.6.78

  • Redhat System-config-printer 0.6.79

  • Redhat System-config-printer 0.6.8

  • Redhat System-config-printer 0.6.80

  • Redhat System-config-printer 0.6.81

  • Redhat System-config-printer 0.6.82

  • Redhat System-config-printer 0.6.83

  • Redhat System-config-printer 0.6.84

  • Redhat System-config-printer 0.6.85

  • Redhat System-config-printer 0.6.86

  • Redhat System-config-printer 0.6.87

  • Redhat System-config-printer 0.6.88

  • Redhat System-config-printer 0.6.89

  • Redhat System-config-printer 0.6.9

  • Redhat System-config-printer 0.6.90

  • Redhat System-config-printer 0.6.91

  • Redhat System-config-printer 0.6.92

  • Redhat System-config-printer 0.6.93

  • Redhat System-config-printer 0.6.94

  • Redhat System-config-printer 0.6.95

  • Redhat System-config-printer 0.6.96

  • Redhat System-config-printer 0.6.97

  • Redhat System-config-printer 0.6.98

  • Redhat System-config-printer 0.6.99

  • Redhat System-config-printer 0.7.32.10

  • Redhat System-config-printer 0.7.32.6

  • Redhat System-config-printer 0.7.32.7

  • Redhat System-config-printer 0.7.32.8

  • Redhat System-config-printer 0.7.32.9

  • Redhat System-config-printer 0.7.60

  • Redhat System-config-printer 0.7.61

  • Redhat System-config-printer 0.7.62

  • Redhat System-config-printer 0.7.63

  • Redhat System-config-printer 0.7.63.1

  • Redhat System-config-printer 0.7.63.2

  • Redhat System-config-printer 0.7.63.3

  • Redhat System-config-printer 0.7.63.4

  • Redhat System-config-printer 0.7.64

  • Redhat System-config-printer 0.7.65

  • Redhat System-config-printer 0.7.66

  • Redhat System-config-printer 0.7.67

  • Redhat System-config-printer 0.7.68

  • Redhat System-config-printer 0.7.69

  • Redhat System-config-printer 0.7.70

  • Redhat System-config-printer 0.7.71

  • Redhat System-config-printer 0.7.72

  • Redhat System-config-printer 0.7.73

  • Redhat System-config-printer 0.7.74

  • Redhat System-config-printer 0.7.74.1

  • Redhat System-config-printer 0.7.74.10

  • Redhat System-config-printer 0.7.74.11

  • Redhat System-config-printer 0.7.74.12

  • Redhat System-config-printer 0.7.74.13

  • Redhat System-config-printer 0.7.74.2

  • Redhat System-config-printer 0.7.74.3

  • Redhat System-config-printer 0.7.74.4

  • Redhat System-config-printer 0.7.74.5

  • Redhat System-config-printer 0.7.74.6

  • Redhat System-config-printer 0.7.74.7

  • Redhat System-config-printer 0.7.74.8

  • Redhat System-config-printer 0.7.74.9

  • Redhat System-config-printer 0.7.75

  • Redhat System-config-printer 0.7.76

  • Redhat System-config-printer 0.7.77

  • Redhat System-config-printer 0.7.78

  • Redhat System-config-printer 0.7.79

  • Redhat System-config-printer 0.7.80

  • Redhat System-config-printer 0.7.81

  • Redhat System-config-printer 0.7.82

  • Redhat System-config-printer 0.7.82.1

  • Redhat System-config-printer 0.7.82.2

  • Redhat System-config-printer 0.7.82.3

  • Redhat System-config-printer 0.7.82.4

  • Redhat System-config-printer 0.7.82.5


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=728348

MISC - https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119

MISC - http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch

SECTRACK - 1025967

REDHAT - RHSA-2011:1196

SECUNIA - 45744

Related Patches

Novell SUSE 2012:5607 system-config-printer security update for SLE 11 SP1 i586

Novell SUSE 2012:5607 system-config-printer security update for SLE 11 SP1 x86_64


Last Updated: 27 May 2016 10:57:12