Mandriva Linux Security Advisory : enscript (MDVSA-2008:243)
High Nessus Plugin ID 36321
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionTwo buffer overflow vulnerabilities were discovered in GNU enscript, which could allow an attacker to execute arbitrary commands via a specially crafted ASCII file, if the file were opened with the -e or
--escapes option enabled (CVE-2008-3863, CVE-2008-4306).
The updated packages have been patched to prevent these issues.
SolutionUpdate the affected enscript package.