SuSE9 Security Update : enscript (YOU Patch Number 9867)
High Nessus Plugin ID 41347
The remote SuSE 9 host is missing a security-related patch.
- Unsanitised input can caues the execution of arbitrary commands via EPSF pipe support. This has been disabled, also upstream. (CVE-2004-1184) - Due to missing sanitising of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. (CVE-2004-1185) - Multiple buffer overflows can cause the program to crash. (CVE-2004-1186)