Candidate: CVE-2001-1593
PublicDate: 2014-02-02
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593
Description: 
 Jakub Wilk found that a2ps, a tool to convert text and other types of
 files to PostScript, insecurely used a temporary file in spy_user(). A
 local attacker could use this flaw to perform a symbolic link attack to
 modify an arbitrary file accessible to the user running a2ps.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737385
 https://bugzilla.redhat.com/show_bug.cgi?id=1060630
Priority: low
Discovered-by:
Assigned-to: 
CVSS: 

Patches_a2ps:
 fedora: http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch
upstream_a2ps: needs-triage
lucid_a2ps: ignored (reached end-of-life)
precise_a2ps: released (1:4.14-1.1+deb7u1build0.12.04.1)
trusty_a2ps: not-affected (1:4.14-1.2)
trusty/esm_a2ps: DNE (trusty was not-affected [1:4.14-1.2])
utopic_a2ps: not-affected (1:4.14-1.2)
vivid_a2ps: not-affected (1:4.14-1.2)
devel_a2ps: not-affected (1:4.14-1.2)