CVE-2014-2856 – cups: cross-site scripting flaw fixed in the 1.7.2 release
https://notcve.org/view.php?id=CVE-2014-2856
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. Vulnerabilidad de XSS en scheduler/client.c en Common Unix Printing System (CUPS) anterior a 1.7.2 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de la ruta de URL, relacionado con la función is_path_absolute. A cross-site scripting (XSS) flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. • http://advisories.mageia.org/MGASA-2014-0193.html http://rhn.redhat.com/errata/RHSA-2014-1388.html http://secunia.com/advisories/57880 http://www.cups.org/documentation.php/relnotes.html http://www.cups.org/str.php?L4356 http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 http://www.openwall.com/lists/oss-security/2014/04/14/2 http://www.openwall.com/lists/oss-security/2014/04/15/3 http://www.securityfocus.com/bid/66788 http://www.ubuntu.com/u • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-6891
https://notcve.org/view.php?id=CVE-2013-6891
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf. lppasswd en CUPS anteriores a 1.7.1, cuando se ejecuta con privilegios setuid, permite a usuarios locales leer porciones de archivos arbitrarios a través de una variable de entorno HOME modificada y un ataque symlink que involucra .cups/client.conf • http://advisories.mageia.org/MGASA-2014-0021.html http://secunia.com/advisories/56531 http://www.cups.org/blog.php?L704 http://www.cups.org/str.php?L4319 http://www.mandriva.com/security/advisories?name=MDVSA-2014:015 http://www.ubuntu.com/usn/USN-2082-1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2012-6094
https://notcve.org/view.php?id=CVE-2012-6094
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system La opción "Listen localhost:631" de cups (Common Unix Printing System) no acepto correctamente, que podría proporcionar acceso no autorizado al sistema. • http://www.openwall.com/lists/oss-security/2013/01/04/5 http://www.securityfocus.com/bid/57158 https://access.redhat.com/security/cve/cve-2012-6094 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6094 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6094 https://exchange.xforce.ibmcloud.com/vulnerabilities/82451 https://security-tracker.debian.org/tracker/CVE-2012-6094 • CWE-863: Incorrect Authorization •
CVE-2012-5519 – cups: privilege escalation for users of the CUPS SystemGroup group
https://notcve.org/view.php?id=CVE-2012-5519
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface. CUPS v1.4.4, cuando se ejecuta en ciertas distribuciones de Linux como Debian GNU/Linux, almacena la la clave de la interfaz web del administrador en /var/run/cups/certs/0 con ciertos permisos, lo que permite a los usuarios locales en el grupo lpadmin leer o escribir archivos arbitrarios como root mediante el aprovechamiento de la interfaz web. • https://github.com/p1ckzi/CVE-2012-5519 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2013-0580.html http://support.apple.com/kb/HT5784 http:/& • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVE-2011-3170
https://notcve.org/view.php?id=CVE-2011-3170
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896. La función gif_read_lzw en filter/image-gif.c en CUPS v1.4.8 y anteriores no controla correctamente la primera WORD de código en un flujo LZW, lo que permite provocar un desbordamiento de búfer basado en memoria dinámica (heap) a atacantes remotos, y posiblemente, ejecutar código de su elección, a través de un stream debidamente modificado. Se trata de una vulnerabilidad diferente a la CVE-2011.2896. • http://cups.org/str.php?L3914 http://secunia.com/advisories/45796 http://secunia.com/advisories/46024 http://security.gentoo.org/glsa/glsa-201207-10.xml http://www.debian.org/security/2011/dsa-2354 http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:147 http://www.securityfocus.com/bid/49323 http://www.securitytracker.com/id?1025980 http://www.ubuntu.com/usn/USN-1207-1 https://bugzilla.redhat. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •