Vulnerability Details : CVE-2011-2899
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Vulnerability category: Input validation
Products affected by CVE-2011-2899
- cpe:2.3:a:redhat:system-config-printer:0.7.62:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.63.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.63.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.63.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.78:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.79:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.80:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.81:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.82.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.32.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.32.7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.32.8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.66:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.67:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.68:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.69:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.70:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.11:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.12:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.13:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.82:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.32.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.61:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.63.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.64:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.71:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.73:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.76:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.82.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.82.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.32.9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.60:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.63:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.65:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.72:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.74.8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.75:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.77:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.82.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.7.82.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.23:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.24:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.25:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.26:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.40:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.41:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.42:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.43:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.56:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.57:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.58:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.59:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.73:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.74:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.75:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.76:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.90:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.91:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.92:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.93:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.106:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.107:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.108:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.109:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.110:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.15:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.16:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.17:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.18:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.31:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.32:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.33:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.34:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.48:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.49:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.50:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.51:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.65:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.66:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.67:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.68:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.81:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.82:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.83:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.84:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.85:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.98:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.99:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.100:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.101:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.115:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.116:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.14:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.19:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.21:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.28:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.30:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.35:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.37:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.39:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.44:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.46:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.53:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.55:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.60:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.62:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.64:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.69:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.71:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.78:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.80:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.87:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.89:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.94:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.96:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.103:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.105:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.112:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.114:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.20:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.22:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.27:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.29:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.36:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.38:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.45:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.47:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.52:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.54:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.61:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.63:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.70:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.72:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.77:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.79:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.86:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.88:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.95:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.97:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.102:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.104:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.111:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:system-config-printer:0.6.113:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-2899
0.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-2899
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
CWE ids for CVE-2011-2899
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2899
-
http://www.securitytracker.com/id?1025967
system-config-printer 'pysmb.py' NetBIOS Parameter Validation Flaw Lets Remote Users Execute Arbitrary Commands - SecurityTracker
-
https://bugs.launchpad.net/ubuntu/+source/foomatic-gui/+bug/811119
Bug #811119 “python-foomatic command injection.” : Bugs : foomatic-gui package : UbuntuPatch
-
http://www.redhat.com/support/errata/RHSA-2011-1196.html
SupportVendor Advisory
-
http://cvs.savannah.gnu.org/viewvc/foomatic-gui/foomatic/pysmb.py?root=foomatic-gui&r1=1.2&r2=1.3&view=patch
Patch
-
https://bugzilla.redhat.com/show_bug.cgi?id=728348
728348 – (CVE-2011-2899) CVE-2011-2899 system-config-printer: possible arbitrary code execution in pysmb.py due to improper escaping of hostnamesPatch
Jump to