Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:165: cups Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cups package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:165 (cups).
A vulnerability in CUPS would treat a Location directive in cupsd.conf as
case-sensitive, allowing attackers to bypass intended ACLs via a printer name
containing uppercase or lowecase letters that are different from that which was
specified in the Location directive. This issue only affects versions of CUPS
prior to 1.1.21rc1.
The updated packages have been patched to correct this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:165
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.