Description
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker who is a member of one of the groups specified in the SystemGroups directive could use the cupsctl binary to set SetEnv and PassEnv directives and potentially control the flow of the affected backend, in some cases resulting in arbitrary code execution with root privileges.
Mitigation
Do not add untrusted users to sys and root groups.
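To check a host against this mitigation, the following added example (not part of the advisory or of CUPS) lists SetEnv/PassEnv directives in a CUPS configuration and the accounts that belong to the configured system groups. The sample configuration, the group mapping and the function names are constructed for illustration; the parser accepts both the `SystemGroups` spelling used above and the `SystemGroup` spelling.

```python
import re

# Constructed sample resembling a CUPS configuration file; not from a real host.
SAMPLE_CONF = """\
# constructed sample
SystemGroup sys root
PassEnv EXAMPLE_VAR
SetEnv EXAMPLE_OPT /srv/example
#SetEnv COMMENTED out
LogLevel warn
"""

# Constructed group database: group name -> supplementary member accounts.
SAMPLE_GROUPS = {"sys": ["alice"], "root": [], "lp": ["bob"]}

DIRECTIVE = re.compile(r"^\s*(SystemGroups?|SetEnv|PassEnv)\s+(.*?)\s*$", re.I)

def audit_cups_config(conf_text, groups):
    """Return env directives, system groups and non-root accounts in those groups."""
    env, sysgroups = [], []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # commented-out directives are inactive
        m = DIRECTIVE.match(line)
        if not m:
            continue
        name, value = m.group(1), m.group(2)
        if name.lower().startswith("systemgroup"):
            sysgroups.extend(value.split())
        else:
            env.append((lineno, name, value))
    members = sorted({u for g in sysgroups for u in groups.get(g, []) if u != "root"})
    return {"env": env, "system_groups": sysgroups, "members": members}

def load_groups():
    """Read the live group database (Unix only). Lists supplementary members
    only; accounts whose primary group is a system group need a passwd check."""
    import grp
    return {g.gr_name: list(g.gr_mem) for g in grp.getgrall()}

if __name__ == "__main__":
    report = audit_cups_config(SAMPLE_CONF, SAMPLE_GROUPS)
    for lineno, name, value in report["env"]:
        print(f"line {lineno}: {name} {value}")
    print("system groups:", report["system_groups"])
    print("non-root accounts in those groups:", report["members"])
```

On a real host, pass the contents of the CUPS configuration files and `load_groups()` instead of the constructed samples; every account reported under `members` should be one you trust with root-equivalent access.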
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | cups | Will not fix | | |
| Red Hat Enterprise Linux 6 | cups | Will not fix | | |
| Red Hat Enterprise Linux 8 | cups | Not affected | | |
| Red Hat Virtualization 4 | cups | Not affected | | |
| Red Hat Enterprise Linux 7 | cups | Fixed | RHSA-2020:1050 | 31.03.2020 |
Additional information
Status:
EPSS
6.7 Medium
CVSS3
Related vulnerabilities
A vulnerability in the CUPS print server related to authorization errors that allows an attacker to execute arbitrary code with root privileges