CVE-2008-5718

EPSS 1.8%

netatalk - remote code execution

Published: 12/26/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-5718

Description

The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.

Affected packages (3)

Debian/netatalkfrom 0, < 2.0.4~beta2-1
Debian/netatalkfrom 0, < 2.0.3-4+etch1
Debian/netatalkfrom 0, < 2.0.3-11+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-5718