foomatic-gui python-foomatic 0.7.9.4 – ‘pysmb.py’ Arbitrary Shell Command Execution

• Exploit Database
• 14 阅读

• 作者： daveb
  日期： 2011-08-03
• 类别：

  • remote
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/36013/

• source: https://www.securityfocus.com/bid/48982/info
  
  foomatic-gui is prone to a remote arbitrary shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input.
  
  An attacker can exploit this issue to execute arbitrary shell commands in the context of the application.
  
  Versions prior to foomatic-gui 0.7.9.5 are vulnerable. 
  
  netbios name = oh'notquotezSIF to /etc/samba/smb.conf