Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2010-0393

Опубликовано: 03 мар. 2010
Источник: redhat
CVSS2: 4
EPSS Низкий

Описание

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

Отчет

This issue did not affected Red Hat Enterprise Linux 3 and 4 due to the lack of localization in lppasswd as provided in those releases. The affected code is present in Red Hat Enterprise Linux 5, however lppasswd is not shipped setuid so is not vulnerable to this issue. If a user were to enable the setuid bit on lppasswd, the impact would only be a crash of lppasswd due to use of FORTIFY_SOURCE protections. Therefore, there are no plans to correct this issue in Red Hat Enterprise Linux 5.

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=558460: cups possible arbitrary code execution via suid lppasswd (STR #3482)

EPSS

Процентиль: 24%
0.0008
Низкий

4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2010-0393

ubuntu
больше 15 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

nvd логотип

CVE-2010-0393

nvd
больше 15 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

debian логотип

CVE-2010-0393

debian
больше 15 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1 ...

github логотип

GHSA-6j26-qg9p-xqqm

github
больше 3 лет назад

The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers.

fstec логотип

BDU:2015-03348

fstec
больше 10 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 24%
0.0008
Низкий

4 Medium

CVSS2