Unrated severityNVD Advisory· Published Dec 26, 2008· Updated Apr 23, 2026
CVE-2008-5718
CVE-2008-5718
Description
The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.
Affected products
32cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*+ 31 more
- cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*range: <=2.0.3
- cpe:2.3:a:netatalk:netatalk:1.4.99-0.20000927:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.4.99-0.20001108:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5pre3:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5pre4:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5pre5:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5pre6:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5pre7:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5pre8:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.5:rc2:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:1.6.4a:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:netatalk:netatalk:2.0:rc2:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- www.debian.org/security/2009/dsa-1705nvdPatch
- www.securityfocus.com/bid/32925nvdPatch
- secunia.com/advisories/33227nvdVendor Advisory
- secunia.com/advisories/33548nvdVendor Advisory
- secunia.com/advisories/34484nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlnvd
- osvdb.org/50824nvd
- sourceforge.net/project/shownotes.phpnvd
- www.openwall.com/lists/oss-security/2009/01/13/3nvd
- www.redhat.com/archives/fedora-package-announce/2009-March/msg00962.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-March/msg00966.htmlnvd
News mentions
0No linked articles in our index yet.