Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN185-1 : cupsys vulnerability Vulnerability Scan


Vulnerability Scan Summary
cupsys vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- cupsys
- cupsys-bsd
- cupsys-client
- libcupsimage2
- libcupsimage2-dev
- libcupsys2-dev
- libcupsys2-gnutls10


Description :

A flaw was detected in the printer access control list checking in the
CUPS server. Printer names were compared in a case sensitive manner

by modifying the capitalization of printer names, a remote attacker
could circumvent ACLs and print to printers he should not have access
to.

The Ubuntu 5.04 version of cupsys is not vulnerable against this.

Solution :

Upgrade to :
- cupsys-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- cupsys-bsd-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- cupsys-client-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsimage2-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsimage2-dev-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsys2-dev-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)
- libcupsys2-gnutls10-1.1.20final+cvs20040330-4ubuntu16.5 (Ubuntu 4.10)



Threat Level: High


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.