PT-2019-6659 · Linux Printing.Org · Foomatic-Rip

Tim Waugh · Published 2019-11-19 · Updated 2020-08-18 · CVE-2011-2924

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: foomatic-rip filter versions 4.0.12 and prior

Description: A local attacker can conduct symlink attacks to overwrite arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. This is possible because, when debug mode is enabled, the foomatic-rip filter insecurely creates temporary files to store PostScript data.

Recommendations: For versions 4.0.12 and prior, consider disabling debug mode as a temporary workaround to minimize the risk of exploitation. Restrict access to the foomatic-rip filter to minimize the risk of arbitrary file overwrites. At the moment, there is no information about a newer version that contains a fix for this issue.
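The weakness class described above, shown as an added example (not foomatic-rip's code): a fixed-name debug file opened without `O_EXCL` follows a pre-planted symlink, while exclusive creation refuses it. The file name `debug.ps`, the scratch directory and all function names are constructed for the demonstration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* for mkdtemp, symlink, O_NOFOLLOW */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Flawed pattern: predictable name; open() follows an existing symlink
 * and O_TRUNC empties whatever file the link points to. */
int open_debug_unsafe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened: the name must not exist yet (O_EXCL) and a symlink as the
 * final path component is never followed (O_NOFOLLOW). */
int open_debug_safe(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario inside a private scratch directory: a symlink is
 * planted at the predictable name and points at "victim".
 * Returns a bitmask: 2 = safe open refused with EEXIST,
 *                    1 = unsafe open truncated the victim file. */
int run_demo(void) {
    char dir[] = "/tmp/ripdemo-XXXXXX", victim[64], dbg[64];
    int result = 0, fd;
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(dbg, sizeof dbg, "%s/debug.ps", dir);
    FILE *f = fopen(victim, "w");
    if (!f) return -1;
    fputs("important data\n", f);
    fclose(f);
    if (symlink(victim, dbg) != 0) return -1;

    fd = open_debug_safe(dbg);           /* must fail: name already exists */
    if (fd < 0 && errno == EEXIST) result |= 2;
    else if (fd >= 0) close(fd);

    fd = open_debug_unsafe(dbg);         /* follows the link, truncates victim */
    if (fd >= 0) close(fd);
    if (stat(victim, &st) == 0 && st.st_size == 0) result |= 1;

    unlink(dbg); unlink(victim); rmdir(dir);
    return result;
}
```

Where the file name does not need to be predictable, `mkstemp()` achieves the same exclusive creation with a random name.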

Fix

Link Following

Weakness Enumeration

Related identifiers

CVE-2011-2924

Affected products

Foomatic-Rip