CVE-2001-1593

Published: Apr 5, 2014Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.

Affected (6)

Products: Gnu: A2ps

Gnu

1 product

A2ps

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Gnu A2ps	Up to 4.14
Gnu A2ps	Version 4.10.3
Gnu A2ps	Version 4.10.4
Gnu A2ps	Version 4.12
Gnu A2ps	Version 4.13
Gnu A2ps	Version 4.13b

Related CWEs

CWE-59

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (14)

http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch

Source: cve@mitre.org

http://seclists.org/oss-sec/2014/q1/237

Source: cve@mitre.org

http://seclists.org/oss-sec/2014/q1/253

Source: cve@mitre.org

http://seclists.org/oss-sec/2014/q1/257

Source: cve@mitre.org

http://www.debian.org/security/2014/dsa-2892

Source: cve@mitre.org

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737385

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=1060630

Source: cve@mitre.org

http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch