pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:H/Au:N/C:P/I:P/A:P
Vendors Products
Redhat
  • System-config-printer

Configuration 1 [-]

OR cpe:2.3:a:redhat:system-config-printer:0.7.32.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.32.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.32.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.32.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.32.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.60:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.61:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.62:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.63:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.63.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.63.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.63.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.63.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.65:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.66:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.67:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.68:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.69:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.70:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.71:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.72:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.73:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.74.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.75:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.76:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.77:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.78:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.79:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.80:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.81:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.82:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.82.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.82.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.82.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.82.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.7.82.5:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:system-config-printer:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.14:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.15:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.16:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.17:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.18:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.19:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.20:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.21:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.22:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.23:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.24:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.25:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.26:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.27:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.28:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.29:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.30:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.31:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.32:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.33:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.34:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.35:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.36:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.37:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.38:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.39:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.40:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.41:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.42:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.43:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.44:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.45:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.46:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.47:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.48:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.49:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.50:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.51:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.52:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.53:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.54:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.55:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.56:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.57:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.58:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.59:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.60:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.61:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.62:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.63:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.65:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.66:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.67:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.68:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.69:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.70:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.71:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.72:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.73:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.74:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.75:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.76:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.77:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.78:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.79:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.80:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.81:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.82:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.83:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.84:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.85:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.86:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.87:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.88:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.89:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.90:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.91:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.92:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.93:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.94:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.95:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.96:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.97:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.98:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.99:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.100:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.101:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.102:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.103:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.104:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.105:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.106:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.107:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.108:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.109:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.110:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.111:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.112:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.113:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.114:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.115:*:*:*:*:*:*:*
cpe:2.3:a:redhat:system-config-printer:0.6.116:*:*:*:*:*:*:*
References
Link Resource
http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch Patch
http://secunia.com/advisories/45744 Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1196.html Vendor Advisory
http://www.securitytracker.com/id?1025967
https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119 Patch
https://bugzilla.redhat.com/show_bug.cgi?id=728348 Patch
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2011-08-31T23:00:00Z

Updated: 2011-08-31T23:00:00Z

Reserved: 2011-07-27T00:00:00Z

Link: CVE-2011-2899

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2011-08-31T23:55:03.457

Modified: 2012-06-15T04:00:00.000

Link: CVE-2011-2899

JSON object: View

cve-icon Redhat Information

No data.

CWE