Executive Summary
Summary | |
---|---|
Title | cups security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:571 | First vendor Publication | 2005-07-14 |
Vendor | RedHat | Last vendor Modification | 2005-07-14 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. When processing a request, the CUPS scheduler would use case-sensitive matching on the queue name to decide which authorization policy should be used. However, queue names are not case-sensitive. An unauthorized user could print to a password-protected queue without needing a password. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2154 to this issue. Please note that the version of CUPS included in Red Hat Enterprise Linux 4 is not vulnerable to this issue. All users of CUPS should upgrade to these erratum packages which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 162405 - CAN-2004-2154 |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-571.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-193 | PHP Remote File Inclusion |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-178 | Failure to Resolve Case Sensitivity (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9940 | |||
Oval ID: | oval:org.mitre.oval:def:9940 | ||
Title: | CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | ||
Description: | CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-2154 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
17912 | CUPS Case Mismatch Printer Queue Password Bypass |
17716 | osTicket open.php Arbitrary Local File Inclusion osTicket contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'open.php' script not properly sanitizing user-supplied input. This may allow a remote attacker to send a specially crafted URL to include a file from the local host that contains arbitrary commands which will be executed by the vulnerable script. |
17715 | osTicket view.php inc Variable Arbitrary Local File Inclusion osTicket contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'view.php' script not properly sanitizing user input supplied to the 'inc' variable. This may allow a remote attacker to send a specially crafted URL to include a file from the local host that contains arbitrary commands which will be executed by the vulnerable script. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-571.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-185-1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-165.nasl - Type : ACT_GATHER_INFO |
2005-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-571.nasl - Type : ACT_GATHER_INFO |
2005-07-05 | Name : The remote web server contains a PHP application that is prone to multiple vu... File : osticket_131.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:30 |
|
2013-05-11 12:23:09 |
|