Total vulnerabilities in the database
The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.
| Software | From | Fixed in |
|---|---|---|
| netatalk / netatalk | 1.5pre5 | 1.5pre5.x |
| netatalk / netatalk | 1.5.0 | 1.5.0.x |
| netatalk / netatalk | 2.0.1 | 2.0.1.x |
| netatalk / netatalk | 1.5pre4 | 1.5pre4.x |
| netatalk / netatalk | 2.0-alpha2 | 2.0-alpha2.x |
| netatalk / netatalk | 2.0-rc1 | 2.0-rc1.x |
| netatalk / netatalk | 2.0.2 | 2.0.2.x |
| netatalk / netatalk | 1.6.2 | 1.6.2.x |
| netatalk / netatalk | 1.6.4a | 1.6.4a.x |
| netatalk / netatalk | 1.4.99-0.20001108 | 1.4.99-0.20001108.x |
| netatalk / netatalk | 1.5-rc2 | 1.5-rc2.x |
| netatalk / netatalk | 1.6.1 | 1.6.1.x |
| netatalk / netatalk | - | 2.0.3.x |
| netatalk / netatalk | 2.0-rc2 | 2.0-rc2.x |
| netatalk / netatalk | 1.5.1 | 1.5.1.x |
| netatalk / netatalk | 1.6.0 | 1.6.0.x |
| netatalk / netatalk | 1.5pre3 | 1.5pre3.x |
| netatalk / netatalk | 2.0-beta1 | 2.0-beta1.x |
| netatalk / netatalk | 1.5.3.1 | 1.5.3.1.x |
| netatalk / netatalk | 1.5pre6 | 1.5pre6.x |
| netatalk / netatalk | 2.0-beta2 | 2.0-beta2.x |
| netatalk / netatalk | 1.6.3 | 1.6.3.x |
| netatalk / netatalk | 1.5pre8 | 1.5pre8.x |
| netatalk / netatalk | 2.0.0 | 2.0.0.x |
| netatalk / netatalk | 1.5.2 | 1.5.2.x |
| netatalk / netatalk | 1.6.4 | 1.6.4.x |
| netatalk / netatalk | 1.5.1.1 | 1.5.1.1.x |
| netatalk / netatalk | 1.5pre7 | 1.5pre7.x |
| netatalk / netatalk | 1.5.5 | 1.5.5.x |
| netatalk / netatalk | 1.5-rc1 | 1.5-rc1.x |
| netatalk / netatalk | 1.4.99-0.20000927 | 1.4.99-0.20000927.x |
| netatalk / netatalk | 2.0-alpha1 | 2.0-alpha1.x |