Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-4405

Опубликовано: 16 нояб. 2011
Источник: redhat
CVSS2: 5.8
EPSS Низкий

Описание

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.

Отчет

Not vulnerable. This issue did not affect the versions of system-config-printer as shipped with Red Hat Enterprise Linux 4, 5, or 6 as they did not include support for installing driver packages from the OpenPrinting database, only PPDs (with user consent).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5system-config-printerNot affected
Red Hat Enterprise Linux 6system-config-printerNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=758374system-config-printer: possible MITM due to use of insecure connections

EPSS

Процентиль: 83%
0.01967
Низкий

5.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-4405

ubuntu
около 14 лет назад

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.

nvd логотип

CVE-2011-4405

nvd
около 14 лет назад

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.

debian логотип

CVE-2011-4405

debian
около 14 лет назад

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 1 ...

github логотип

GHSA-hjc8-mc2g-pvm8

github
больше 3 лет назад

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.

EPSS

Процентиль: 83%
0.01967
Низкий

5.8 Medium

CVSS2