Risk | High |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2014-0466 |
CWE-ID | CWE-78 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | a2ps (Alpine package): Operating systems & Components / Operating system package or component |
Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one high risk vulnerability.
EUVDB-ID: #VU27576
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2014-0466
CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when processing PostScript files: the fixps script in GNU a2ps does not use the -dSAFER option when executing gs. A remote unauthenticated attacker can trick the victim into opening a specially crafted PostScript file and delete arbitrary files or execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
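As an added example (not part of this bulletin and not a2ps or Alpine code), the shell function below heuristically scans a script for Ghostscript invocations that omit -dSAFER, the flaw described above; it applies to any shell script, not only fixps. The names audit_gs_calls and write_sample are hypothetical, and the sample script is constructed for illustration, not the real fixps source.

```shell
#!/bin/sh
# Added example: heuristic audit for Ghostscript calls that omit -dSAFER.

# audit_gs_calls FILE
# Prints "LINE: command" for each gs, $gs or ${gs} invocation without -dSAFER.
# Returns 0 if none are found, 1 if any are found, 2 if FILE is unreadable.
audit_gs_calls() {
    [ -r "$1" ] || return 2
    awk '
    BEGIN {
        # gs as a standalone word: at line start or after ; | & ( ` / or blank
        re = "(^|[;|&(`/ \t])([$][{]?gs[}]?|gs)([ \t]|$)"
    }
    {
        if (buf == "" && $0 ~ /^[ \t]*#/) next   # ignore comment lines
        line = buf $0
        if (line ~ /\\$/) {                      # join backslash-continued lines
            sub(/\\$/, " ", line)
            buf = line
            if (!start) start = NR
            next
        }
        n = (start ? start : NR)                 # line the command began on
        buf = ""; start = 0
        if (line ~ re && line !~ /-dSAFER/) {
            printf "%d: %s\n", n, line
            bad++
        }
    }
    END { exit (bad > 0) }
    ' "$1"
}

# Constructed sample input for the audit; this is not the real fixps source.
write_sample() {
    cat > "$1" <<'EOF'
#!/bin/sh
# gs re-renders the PostScript input
gs=gs
$gs -q -dNOPAUSE -dBATCH -sDEVICE=ps2write -sOutputFile=- "$1"
/usr/bin/gs -q -dSAFER -dNOPAUSE -dBATCH \
    -sDEVICE=ps2write -sOutputFile=- "$1"
EOF
}

# Usage: sh audit.sh /path/to/script
if [ $# -gt 0 ]; then audit_gs_calls "$1"; fi
```

Matches are candidates for manual review: the word match can flag lines that only mention gs, and it does not follow calls made through other variable names.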
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
a2ps (Alpine package): 4.14-r0 - 4.14-r7
CPE2.3
https://git.alpinelinux.org/aports/commit/?id=c44e1739d09485e6e56c3e8d179f02da33a0a7bf
https://git.alpinelinux.org/aports/commit/?id=44f09f98c5e4c349dcc6b25edde778f864f4ca5a
https://git.alpinelinux.org/aports/commit/?id=dc904137c8e3e8f68a9410dbc8bfac56b382b50d
https://git.alpinelinux.org/aports/commit/?id=8d6047b8be70cba29f22c2d0f809907e7367bcbb
https://git.alpinelinux.org/aports/commit/?id=9544460de3b7282c473654a2a67586c6645a05c1
https://git.alpinelinux.org/aports/commit/?id=ad0ffed17c16a068739dacf23ea90c2a50b2f11f
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.