CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2001-1593 – Debian Security Advisory 2892-1
https://notcve.org/view.php?id=CVE-2001-1593
01 Apr 2014 — The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file. La función tempname_ensure en biblioteca lib/routines.h en a2ps versión 4.14 y anteriores, tal y como es usado por la función spy_user y otras posibles funciones, permite a usuarios locales modificar archivos arbitrarios en una ataque de tipo symlink en un archivo temporal. Several vulner... • http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2004-1377
https://notcve.org/view.php?id=CVE-2004-1377
27 Dec 2004 — The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. • http://secunia.com/advisories/13641 •
CVSS: 10.0EPSS: 15%CPEs: 11EXPL: 3CVE-2004-1170 – GNU a2ps 4.13 - File Name Command Execution
https://notcve.org/view.php?id=CVE-2004-1170
10 Dec 2004 — a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. • https://www.exploit-db.com/exploits/24406 •