Test ID:	1.3.6.1.4.1.25623.1.1.1.2.2015.371
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-371-1)
Summary:	The remote host is missing an update for the Debian 'foomatic-filters' package(s) announced via the DLA-371-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'foomatic-filters' package(s) announced via the DLA-371-1 advisory. Vulnerability Insight: Adam Chester discovered that there was an injection vulnerability in foomatic-filters which is used by printer spoolers to convert incoming PostScript data into the printer's native format. This could lead to the execution of arbitrary commands. The patch applied in DLA 365-1 prevented usage of (unescaped) backticks and this update complements the previous update by doing the same for semi-colons. For Debian 6 Squeeze, this issue has been fixed in foomatic-filters version 4.0.5-6+squeeze2+deb6u12. (Thanks to Yann Soubeyrand who prepared the updated Debian package) Affected Software/OS: 'foomatic-filters' package(s) on Debian 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8560 Debian Security Information: DSA-3419 (Google Search) http://www.debian.org/security/2015/dsa-3419 Debian Security Information: DSA-3429 (Google Search) http://www.debian.org/security/2015/dsa-3429 http://www.openwall.com/lists/oss-security/2015/12/13/2 http://www.openwall.com/lists/oss-security/2015/12/14/13 RedHat Security Advisories: RHSA-2016:0491 http://rhn.redhat.com/errata/RHSA-2016-0491.html http://www.ubuntu.com/usn/USN-2838-1 http://www.ubuntu.com/usn/USN-2838-2
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.