
cups: multiple vulnerabilities

Package(s): cups
CVE #(s): CVE-2010-2431 CVE-2010-2432
Created: July 8, 2010
Updated: October 10, 2011
Description:

From the Pardus advisory:

CVE-2010-2431: The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.

CVE-2010-2432: The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses.

Alerts:
Mandriva MDVSA-2011:146 2011-10-11
Debian DSA-2176-1 2011-03-02
Mandriva MDVSA-2010:234 2010-11-15
Mandriva MDVSA-2010:232 2010-11-15
CentOS CESA-2010:0811 2010-11-01
Red Hat RHSA-2010:0811-01 2010-10-28
Pardus 2010-95 2010-07-08
Gentoo 201207-10 2012-07-09


Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds