what you don't know can hurt you
Showing 1 - 5 of 5 RSS Feed

CVE-2014-5029

Status Candidate

Overview

The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537.

Related Files

Mandriva Linux Security Advisory 2015-108
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-108 - Cross-site scripting vulnerability in scheduler/client.c in Common Unix Printing System before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd. It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation. A malformed file with an invalid page header and compressed raster data can trigger a buffer overflow in cupsRasterReadPixels.

tags | advisory, remote, web, overflow, arbitrary, local, xss
systems | linux, unix, mandriva
advisories | CVE-2014-2856, CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031, CVE-2014-9679
SHA-256 | 029c517fb2aafd25bf90e98f07319e0f00c7a6d282bf8e64661bb76a2f70f6a8
Red Hat Security Advisory 2014-1388-02
Posted Oct 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1388-02 - CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A cross-site scripting flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system.

tags | advisory, web, arbitrary, local, xss
systems | linux, redhat, unix
advisories | CVE-2014-2856, CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031
SHA-256 | f40db663647458b2845b3f1ac29ff57140997773dd6238d70c6eb62820776ebf
Ubuntu Security Notice USN-2341-1
Posted Sep 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2341-1 - Salvatore Bonaccorso discovered that the CUPS web interface incorrectly validated permissions and incorrectly handled symlinks. An attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.

tags | advisory, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-5029, CVE-2014-5030, CVE-2014-5031
SHA-256 | f57044e3821a7f70ab5ef00b54419a5243bf8be708be9a4544a2ce036435c480
Mandriva Linux Security Advisory 2014-151
Posted Aug 8, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-151 - In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd. It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.

tags | advisory, web, arbitrary, local
systems | linux, mandriva
advisories | CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031
SHA-256 | 7d4d6b6d830e0e917745ad8442f7a68ed02759bd672d8f5b73f660cc5ce1b6f0
Debian Security Advisory 2990-1
Posted Jul 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2990-1 - It was discovered that the web interface in CUPS, the Common UNIX Printing System, incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.

tags | advisory, web, arbitrary, local
systems | linux, unix, debian
advisories | CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031
SHA-256 | cc938fc7d54d51a015c06e68ed74d219f09c0baf6016e28dce18fb4e2629a93b
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close