PT-2014-1768 · Apple+4 · Cups+4

Salvatore Bonaccorso

Published

2014-07-23

Updated

2024-06-15

CVE-2014-5029

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions CUPS version 1.7.4

Description The issue allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ by setting the language[0] variable to null. This is due to an incomplete fix for a previous issue. Multiple vulnerabilities in the CUPS package of the Debian GNU/Linux operating system can lead to a breach of protected information, and exploitation can be done remotely.

Recommendations For CUPS version 1.7.4, consider restricting access to the /var/cache/cups/rss/ directory to prevent symlink attacks, and avoid setting the language[0] variable to null to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

BDU:2015-01463

CESA-2014_1388

CVE-2014-5029

DLA-0022-1

DSA-2990-1

MGASA-2014-0313

OPENSUSE-SU-2024:10075-1

RHSA-2014:1388

RHSA-2014_1388

SUSE-SU-2015:0575-1

SUSE-SU-2015:1011-1

USN-2341-1

Affected Products

Cups

Centos

Red Hat

Suse

Ubuntu

PT-2014-1768 · Apple+4 · Cups+4

CVE-2014-5029

Weakness Enumeration

Related Identifiers

Affected Products

References · 65