|
Family: Ubuntu Local Security Checks --> Category: infos
USN185-1 : cupsys vulnerability Vulnerability Scan
Vulnerability Scan Summary cupsys vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- cupsys
- cupsys-bsd
- cupsys-client
- libcupsimage2
- libcupsimage2-dev
- libcupsys2-dev
- libcupsys2-gnutls10
Description :
A flaw was detected in the printer access control list checking in the
CUPS server. Printer names were compared in a case sensitive manner
by modifying the capitalization of printer names, a remote attacker
could circumvent ACLs and print to printers he should not have access
to.
The Ubuntu 5.04 version of cupsys is not vulnerable against this.
Solution :
Upgrade to :
- cupsys-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- cupsys-bsd-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- cupsys-client-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsimage2-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsimage2-dev-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsys2-dev-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsys2-gnutls10-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|