CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3537 – cups: insufficient checking leads to privilege escalation
https://notcve.org/view.php?id=CVE-2014-3537
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/. La interfaz web en CUPS anterior a 1.7.4 permite a usuarios locales en el grupo lp leer ficheros arbitrarios a través de un ataque de enlace simbólico sobre un fichero en /var/cache/cups/rss/. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system. • http://advisories.mageia.org/MGASA-2014-0313.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html http://rhn.redhat.com/errata/RHSA-2014-1388.html http://secunia.com/advisories/59945 http://secunia.com/advisories/60273 http://secunia.com/advisories/60787 http://www.cups.org/blog.php?L724 http://www.cups.org/str.php?L4450 http://www.mandriva.com/security/advisories?name=MDVSA-2015 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.3EPSS: 0%CPEs: 111EXPL: 0CVE-2014-2856 – cups: cross-site scripting flaw fixed in the 1.7.2 release
https://notcve.org/view.php?id=CVE-2014-2856
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. Vulnerabilidad de XSS en scheduler/client.c en Common Unix Printing System (CUPS) anterior a 1.7.2 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de la ruta de URL, relacionado con la función is_path_absolute. A cross-site scripting (XSS) flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. • http://advisories.mageia.org/MGASA-2014-0193.html http://rhn.redhat.com/errata/RHSA-2014-1388.html http://secunia.com/advisories/57880 http://www.cups.org/documentation.php/relnotes.html http://www.cups.org/str.php?L4356 http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 http://www.openwall.com/lists/oss-security/2014/04/14/2 http://www.openwall.com/lists/oss-security/2014/04/15/3 http://www.securityfocus.com/bid/66788 http://www.ubuntu.com/u • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 1.2EPSS: 0%CPEs: 6EXPL: 1CVE-2013-6891
https://notcve.org/view.php?id=CVE-2013-6891
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. lppasswd en CUPS anteriores a 1.7.1, cuando se ejecuta con privilegios setuid, permite a usuarios locales leer porciones de archivos arbitrarios a través de una variable de entorno HOME modificada y un ataque symlink que involucra .cups/client.conf • http://advisories.mageia.org/MGASA-2014-0021.html http://secunia.com/advisories/56531 http://www.cups.org/blog.php?L704 http://www.cups.org/str.php?L4319 http://www.mandriva.com/security/advisories?name=MDVSA-2014:015 http://www.ubuntu.com/usn/USN-2082-1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 0CVE-2012-6094
https://notcve.org/view.php?id=CVE-2012-6094
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system La opción "Listen localhost:631" de cups (Common Unix Printing System) no acepto correctamente, que podría proporcionar acceso no autorizado al sistema. • http://www.openwall.com/lists/oss-security/2013/01/04/5 http://www.securityfocus.com/bid/57158 https://access.redhat.com/security/cve/cve-2012-6094 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094 https://exchange.xforce.ibmcloud.com/vulnerabilities/82451 https://security-tracker.debian.org/tracker/CVE-2012-6094 • CWE-863: Incorrect Authorization •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 2CVE-2012-5519 – cups: privilege escalation for users of the CUPS SystemGroup group
https://notcve.org/view.php?id=CVE-2012-5519
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface. CUPS v1.4.4, cuando se ejecuta en ciertas distribuciones de Linux como Debian GNU/Linux, almacena la la clave de la interfaz web del administrador en /var/run/cups/certs/0 con ciertos permisos, lo que permite a los usuarios locales en el grupo lpadmin leer o escribir archivos arbitrarios como root mediante el aprovechamiento de la interfaz web. • https://github.com/p1ckzi/CVE-2012-5519 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2013-0580.html http://support.apple.com/kb/HT5784 http:/& • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •