Vulnerability CVE-2011-2964

Vulnerability Name:

CVE-2011-2964 (CCN-68994)

Assigned:

2011-06-07

Published:

2011-06-07

Updated:

2017-08-29

Summary:

foomaticrip.c in foomatic-rip in foomatic-filters in Foomatic 4.0.6 allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file, a different vulnerability than CVE-2011-2697.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-94

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-2964

Source: CCN
Type: RHSA-2011-1110
Moderate: foomatic security update

Source: SECUNIA
Type: UNKNOWN
45477

Source: GENTOO
Type: UNKNOWN
GLSA-201203-07

Source: DEBIAN
Type: DSA-2380
foomatic-filters -- shell command injection

Source: CCN
Type: LinuxFoundation Web site
Foomatic

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2011:125

Source: MLIST
Type: Exploit, Patch
[oss-security] 20110713 CVE Request: hplip/foomatic-filters

Source: MLIST
Type: Exploit, Patch
[oss-security] 20110718 Re: CVE Request: hplip/foomatic-filters

Source: MLIST
Type: Exploit, Patch
[oss-security] 20110728 Re: CVE Request: hplip/foomatic-filters

Source: REDHAT
Type: UNKNOWN
RHSA-2011:1110

Source: UBUNTU
Type: UNKNOWN
USN-1194-1

Source: CONFIRM
Type: UNKNOWN
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

Source: CONFIRM
Type: Exploit, Patch
https://bugzilla.novell.com/show_bug.cgi?id=698451

Source: CCN
Type: Red Hat Bugzilla Bug 721001
CVE-2011-2697 foomatic: Improper sanitization of command line option in foomatic-rip

Source: CONFIRM
Type: Exploit, Patch
https://bugzilla.redhat.com/show_bug.cgi?id=721001

Source: XF
Type: UNKNOWN
foomatic-foomatic-code-execution(68994)

Source: XF
Type: UNKNOWN
foomatic-foomatic-code-execution(68994)

Vulnerable Configuration:

Configuration 1:

cpe:/a:linuxfoundation:foomatic:4.0.6:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:linuxfoundation:foomatic:4.0.6:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20112964	V	CVE-2011-2964	2022-05-20
oval:org.opensuse.security:def:32290	P	Security update for apache2 (Important)	2022-01-12
oval:org.opensuse.security:def:33108	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:33064	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:33746	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:33041	P	Security update for qemu (Important)	2021-11-10
oval:org.opensuse.security:def:32953	P	Security update for ovmf (Important)	2021-06-22
oval:org.opensuse.security:def:32896	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:32278	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:28959	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)	2021-03-17
oval:org.opensuse.security:def:32279	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:33785	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:33002	P	Security update for kernel-source (Important)	2021-02-05
oval:org.opensuse.security:def:28856	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:32740	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28478	P	Security update for zlib (Moderate)	2020-12-01
oval:org.opensuse.security:def:29059	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:28620	P	Security update for xorg-x11-libXt	2020-12-01
oval:org.opensuse.security:def:29733	P	Security update for foomatic-filters	2020-12-01
oval:org.opensuse.security:def:32502	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28269	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:32653	P	ecryptfs-utils-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28347	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29015	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28563	P	Security update for inkscape	2020-12-01
oval:org.opensuse.security:def:29697	P	Security update for facter (Moderate)	2020-12-01
oval:org.opensuse.security:def:28704	P	Security update for gpgme	2020-12-01
oval:org.opensuse.security:def:32367	P	Security update for syslog-ng (Moderate)	2020-12-01
oval:org.opensuse.security:def:28268	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:28910	P	Security update for gcc5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32596	P	postgresql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28280	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:28998	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.mitre.oval:def:14027	P	USN-1194-1 -- foomatic-filters vulnerabilities	2014-06-30
oval:org.mitre.oval:def:15147	P	DSA-2380-1 foomatic-filters -- shell command injection	2014-06-23
oval:org.mitre.oval:def:23286	P	ELSA-2011:1110: foomatic security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:21595	P	RHSA-2011:1110: foomatic security update (Moderate)	2014-02-24
oval:com.redhat.rhsa:def:20111110	P	RHSA-2011:1110: foomatic security update (Moderate)	2011-08-01

BACK