Vulnerability Details CVE-2011-2899
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.9%
CVSS Severity
CVSS v2 Score 5.1
References
- http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch
- http://secunia.com/advisories/45744
- http://www.redhat.com/support/errata/RHSA-2011-1196.html
- http://www.securitytracker.com/id?1025967
- https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119
- https://bugzilla.redhat.com/show_bug.cgi?id=728348
- http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch
- http://secunia.com/advisories/45744
- http://www.redhat.com/support/errata/RHSA-2011-1196.html
- http://www.securitytracker.com/id?1025967
- https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119
- https://bugzilla.redhat.com/show_bug.cgi?id=728348
Products affected by CVE-2011-2899
-
cpe:2.3:a:redhat:system-config-printer:0.6.0
-
cpe:2.3:a:redhat:system-config-printer:0.6.1
-
cpe:2.3:a:redhat:system-config-printer:0.6.10
-
cpe:2.3:a:redhat:system-config-printer:0.6.100
-
cpe:2.3:a:redhat:system-config-printer:0.6.101
-
cpe:2.3:a:redhat:system-config-printer:0.6.102
-
cpe:2.3:a:redhat:system-config-printer:0.6.103
-
cpe:2.3:a:redhat:system-config-printer:0.6.104
-
cpe:2.3:a:redhat:system-config-printer:0.6.105
-
cpe:2.3:a:redhat:system-config-printer:0.6.106
-
cpe:2.3:a:redhat:system-config-printer:0.6.107
-
cpe:2.3:a:redhat:system-config-printer:0.6.108
-
cpe:2.3:a:redhat:system-config-printer:0.6.109
-
cpe:2.3:a:redhat:system-config-printer:0.6.11
-
cpe:2.3:a:redhat:system-config-printer:0.6.110
-
cpe:2.3:a:redhat:system-config-printer:0.6.111
-
cpe:2.3:a:redhat:system-config-printer:0.6.112
-
cpe:2.3:a:redhat:system-config-printer:0.6.113
-
cpe:2.3:a:redhat:system-config-printer:0.6.114
-
cpe:2.3:a:redhat:system-config-printer:0.6.115
-
cpe:2.3:a:redhat:system-config-printer:0.6.116
-
cpe:2.3:a:redhat:system-config-printer:0.6.12
-
cpe:2.3:a:redhat:system-config-printer:0.6.13
-
cpe:2.3:a:redhat:system-config-printer:0.6.14
-
cpe:2.3:a:redhat:system-config-printer:0.6.15
-
cpe:2.3:a:redhat:system-config-printer:0.6.16
-
cpe:2.3:a:redhat:system-config-printer:0.6.17
-
cpe:2.3:a:redhat:system-config-printer:0.6.18
-
cpe:2.3:a:redhat:system-config-printer:0.6.19
-
cpe:2.3:a:redhat:system-config-printer:0.6.2
-
cpe:2.3:a:redhat:system-config-printer:0.6.20
-
cpe:2.3:a:redhat:system-config-printer:0.6.21
-
cpe:2.3:a:redhat:system-config-printer:0.6.22
-
cpe:2.3:a:redhat:system-config-printer:0.6.23
-
cpe:2.3:a:redhat:system-config-printer:0.6.24
-
cpe:2.3:a:redhat:system-config-printer:0.6.25
-
cpe:2.3:a:redhat:system-config-printer:0.6.26
-
cpe:2.3:a:redhat:system-config-printer:0.6.27
-
cpe:2.3:a:redhat:system-config-printer:0.6.28
-
cpe:2.3:a:redhat:system-config-printer:0.6.29
-
cpe:2.3:a:redhat:system-config-printer:0.6.3
-
cpe:2.3:a:redhat:system-config-printer:0.6.30
-
cpe:2.3:a:redhat:system-config-printer:0.6.31
-
cpe:2.3:a:redhat:system-config-printer:0.6.32
-
cpe:2.3:a:redhat:system-config-printer:0.6.33
-
cpe:2.3:a:redhat:system-config-printer:0.6.34
-
cpe:2.3:a:redhat:system-config-printer:0.6.35
-
cpe:2.3:a:redhat:system-config-printer:0.6.36
-
cpe:2.3:a:redhat:system-config-printer:0.6.37
-
cpe:2.3:a:redhat:system-config-printer:0.6.38
-
cpe:2.3:a:redhat:system-config-printer:0.6.39
-
cpe:2.3:a:redhat:system-config-printer:0.6.4
-
cpe:2.3:a:redhat:system-config-printer:0.6.40
-
cpe:2.3:a:redhat:system-config-printer:0.6.41
-
cpe:2.3:a:redhat:system-config-printer:0.6.42
-
cpe:2.3:a:redhat:system-config-printer:0.6.43
-
cpe:2.3:a:redhat:system-config-printer:0.6.44
-
cpe:2.3:a:redhat:system-config-printer:0.6.45
-
cpe:2.3:a:redhat:system-config-printer:0.6.46
-
cpe:2.3:a:redhat:system-config-printer:0.6.47
-
cpe:2.3:a:redhat:system-config-printer:0.6.48
-
cpe:2.3:a:redhat:system-config-printer:0.6.49
-
cpe:2.3:a:redhat:system-config-printer:0.6.5
-
cpe:2.3:a:redhat:system-config-printer:0.6.50
-
cpe:2.3:a:redhat:system-config-printer:0.6.51
-
cpe:2.3:a:redhat:system-config-printer:0.6.52
-
cpe:2.3:a:redhat:system-config-printer:0.6.53
-
cpe:2.3:a:redhat:system-config-printer:0.6.54
-
cpe:2.3:a:redhat:system-config-printer:0.6.55
-
cpe:2.3:a:redhat:system-config-printer:0.6.56
-
cpe:2.3:a:redhat:system-config-printer:0.6.57
-
cpe:2.3:a:redhat:system-config-printer:0.6.58
-
cpe:2.3:a:redhat:system-config-printer:0.6.59
-
cpe:2.3:a:redhat:system-config-printer:0.6.6
-
cpe:2.3:a:redhat:system-config-printer:0.6.60
-
cpe:2.3:a:redhat:system-config-printer:0.6.61
-
cpe:2.3:a:redhat:system-config-printer:0.6.62
-
cpe:2.3:a:redhat:system-config-printer:0.6.63
-
cpe:2.3:a:redhat:system-config-printer:0.6.64
-
cpe:2.3:a:redhat:system-config-printer:0.6.65
-
cpe:2.3:a:redhat:system-config-printer:0.6.66
-
cpe:2.3:a:redhat:system-config-printer:0.6.67
-
cpe:2.3:a:redhat:system-config-printer:0.6.68
-
cpe:2.3:a:redhat:system-config-printer:0.6.69
-
cpe:2.3:a:redhat:system-config-printer:0.6.7
-
cpe:2.3:a:redhat:system-config-printer:0.6.70
-
cpe:2.3:a:redhat:system-config-printer:0.6.71
-
cpe:2.3:a:redhat:system-config-printer:0.6.72
-
cpe:2.3:a:redhat:system-config-printer:0.6.73
-
cpe:2.3:a:redhat:system-config-printer:0.6.74
-
cpe:2.3:a:redhat:system-config-printer:0.6.75
-
cpe:2.3:a:redhat:system-config-printer:0.6.76
-
cpe:2.3:a:redhat:system-config-printer:0.6.77
-
cpe:2.3:a:redhat:system-config-printer:0.6.78
-
cpe:2.3:a:redhat:system-config-printer:0.6.79
-
cpe:2.3:a:redhat:system-config-printer:0.6.8
-
cpe:2.3:a:redhat:system-config-printer:0.6.80
-
cpe:2.3:a:redhat:system-config-printer:0.6.81
-
cpe:2.3:a:redhat:system-config-printer:0.6.82
-
cpe:2.3:a:redhat:system-config-printer:0.6.83
-
cpe:2.3:a:redhat:system-config-printer:0.6.84
-
cpe:2.3:a:redhat:system-config-printer:0.6.85
-
cpe:2.3:a:redhat:system-config-printer:0.6.86
-
cpe:2.3:a:redhat:system-config-printer:0.6.87
-
cpe:2.3:a:redhat:system-config-printer:0.6.88
-
cpe:2.3:a:redhat:system-config-printer:0.6.89
-
cpe:2.3:a:redhat:system-config-printer:0.6.9
-
cpe:2.3:a:redhat:system-config-printer:0.6.90
-
cpe:2.3:a:redhat:system-config-printer:0.6.91
-
cpe:2.3:a:redhat:system-config-printer:0.6.92
-
cpe:2.3:a:redhat:system-config-printer:0.6.93
-
cpe:2.3:a:redhat:system-config-printer:0.6.94
-
cpe:2.3:a:redhat:system-config-printer:0.6.95
-
cpe:2.3:a:redhat:system-config-printer:0.6.96
-
cpe:2.3:a:redhat:system-config-printer:0.6.97
-
cpe:2.3:a:redhat:system-config-printer:0.6.98
-
cpe:2.3:a:redhat:system-config-printer:0.6.99
-
cpe:2.3:a:redhat:system-config-printer:0.7.32.10
-
cpe:2.3:a:redhat:system-config-printer:0.7.32.6
-
cpe:2.3:a:redhat:system-config-printer:0.7.32.7
-
cpe:2.3:a:redhat:system-config-printer:0.7.32.8
-
cpe:2.3:a:redhat:system-config-printer:0.7.32.9
-
cpe:2.3:a:redhat:system-config-printer:0.7.60
-
cpe:2.3:a:redhat:system-config-printer:0.7.61
-
cpe:2.3:a:redhat:system-config-printer:0.7.62
-
cpe:2.3:a:redhat:system-config-printer:0.7.63
-
cpe:2.3:a:redhat:system-config-printer:0.7.63.1
-
cpe:2.3:a:redhat:system-config-printer:0.7.63.2
-
cpe:2.3:a:redhat:system-config-printer:0.7.63.3
-
cpe:2.3:a:redhat:system-config-printer:0.7.63.4
-
cpe:2.3:a:redhat:system-config-printer:0.7.64
-
cpe:2.3:a:redhat:system-config-printer:0.7.65
-
cpe:2.3:a:redhat:system-config-printer:0.7.66
-
cpe:2.3:a:redhat:system-config-printer:0.7.67
-
cpe:2.3:a:redhat:system-config-printer:0.7.68
-
cpe:2.3:a:redhat:system-config-printer:0.7.69
-
cpe:2.3:a:redhat:system-config-printer:0.7.70
-
cpe:2.3:a:redhat:system-config-printer:0.7.71
-
cpe:2.3:a:redhat:system-config-printer:0.7.72
-
cpe:2.3:a:redhat:system-config-printer:0.7.73
-
cpe:2.3:a:redhat:system-config-printer:0.7.74
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.1
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.10
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.11
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.12
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.13
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.2
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.3
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.4
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.5
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.6
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.7
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.8
-
cpe:2.3:a:redhat:system-config-printer:0.7.74.9
-
cpe:2.3:a:redhat:system-config-printer:0.7.75
-
cpe:2.3:a:redhat:system-config-printer:0.7.76
-
cpe:2.3:a:redhat:system-config-printer:0.7.77
-
cpe:2.3:a:redhat:system-config-printer:0.7.78
-
cpe:2.3:a:redhat:system-config-printer:0.7.79
-
cpe:2.3:a:redhat:system-config-printer:0.7.80
-
cpe:2.3:a:redhat:system-config-printer:0.7.81
-
cpe:2.3:a:redhat:system-config-printer:0.7.82
-
cpe:2.3:a:redhat:system-config-printer:0.7.82.1
-
cpe:2.3:a:redhat:system-config-printer:0.7.82.2
-
cpe:2.3:a:redhat:system-config-printer:0.7.82.3
-
cpe:2.3:a:redhat:system-config-printer:0.7.82.4
-
cpe:2.3:a:redhat:system-config-printer:0.7.82.5