Описание
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.6.1-0ubuntu12 |
| hardy | DNE | |
| lucid | released | 1.4.3-1ubuntu1.9 |
| oneiric | released | 1.5.0-8ubuntu7.3 |
| precise | released | 1.5.3-0ubuntu5.1 |
| quantal | released | 1.6.1-0ubuntu11.3 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | released | 1.3.7-1ubuntu3.16 |
| lucid | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| upstream | needs-triage |
Показывать по
7.2 High
CVSS2
Связанные уязвимости
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
CUPS 1.4.4, when running in certain Linux distributions such as Debian ...
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
7.2 High
CVSS2