FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

enscript -- arbitrary code execution vulnerability

Affected packages
enscript-a4 < 1.6.4_2
enscript-letter < 1.6.4_2
enscript-letterdj < 1.6.4_2

Details

VuXML ID a1126054-b57c-11dd-8892-0017319806e7
Discovery 2008-10-22
Entry 2008-11-18

Ulf Harnhammar of Secunia Research reports:

Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.

References

CVE Name CVE-2008-3863
CVE Name CVE-2008-4306
URL http://secunia.com/secunia_research/2008-41/