Jump to content

Security Advisories (MDKSA-2005:165): cups


aru
 Share

Recommended Posts

Mandriva Security Advisories MDKSA-2005:165 : cups

 

Updated cups packages fix vulnerability

September 19th, 2005

 

A vulnerability in CUPS would treat a Location directive in cupsd.conf as case-sensitive, allowing attackers to bypass intended ACLs via a printer name containing uppercase or lowecase letters that are different from that which was specified in the Location directive. This issue only affects versions of CUPS prior to 1.1.21rc1.

 

The updated packages have been patched to correct this problem.

 

 

The released versions of Mandriva GNU/Linux affected are:

  • 10.0
  • CS2.1
  • CS3.0

Full information about this advisory, including the updated packages, is available at:

www.mandriva.com/security/advisories?name=MDKSA-2005:165

 

Other references:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154

 

Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)

Link to comment
Share on other sites

 Share

×
×
  • Create New...