CVE-2011-2899 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-2899 Interim 1 13 2023-02-15T02:26:15Z current 2021-05-30T12:58:46Z 2023-02-15T02:26:15Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-2899 pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-updates/2011-12/msg00010.html E-Mail link for openSUSE-SU-2011:1331-1 https://lists.opensuse.org/opensuse-updates/2012-01/msg00028.html E-Mail link for openSUSE-SU-2011:1331-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1-TERADATA system-config-printer-1.0.8-9.16.1 system-config-printer-lang-1.0.8-9.16.1 system-config-printer-1.0.8-9.16.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA system-config-printer-lang-1.0.8-9.16.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers. CVE-2011-2899 SUSE Linux Enterprise Server 11 SP1-TERADATA:system-config-printer-1.0.8-9.16.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:system-config-printer-lang-1.0.8-9.16.1 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P