CVE-2018-20106 – In yast2-printer up to and including version 4.0.2 the SMB printer settings don’t escape c …

Vuln ID: CVE-2018-20106

Published:  2019-03-15  20:29:00Z

Description: In yast2-printer up to and including version 4.0.2 the SMB printer settings don’t escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.

Source: NVD.NIST.GOV

 

Tags