Summary
Ubuntu Update for Linux kernel vulnerabilities USN-660-1
Solution
Please Install the Updated Packages.
Insight
Ulf Hä
rnhammar discovered multiple stack overflows in enscript's handling of special escape arguments. If a user or automated system were tricked into processing a malicious file with the "
-e"
option enabled, a remote attacker
could execute arbitrary code or cause enscript to crash, possibly leading to a denial of service.
Affected
enscript vulnerability on Ubuntu 6.06 LTS ,
Ubuntu 7.10 ,
Ubuntu 8.04 LTS ,
Ubuntu 8.10
Severity
Classification
-
CVE CVE-2008-3863, CVE-2008-4306 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities