PT-2014-3215 · Apple+1 · Cups+1
Jann Horn
·
Published
2014-01-21
·
Updated
2014-04-21
·
CVE-2013-6891
CVSS v2.0
1.2
Low
| Vector | AV:L/AC:H/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
CUPS versions prior to 1.7.1
Description
The issue allows local users to read portions of arbitrary files through a modified
HOME environment variable and a symlink attack involving the .cups/client.conf file. This occurs when the software is run with setuid privileges.Recommendations
For versions prior to 1.7.1, update to version 1.7.1 or later to resolve the issue. As a temporary workaround, consider restricting the execution of lppasswd with setuid privileges to minimize the risk of exploitation. Avoid using a modified
HOME environment variable that could be used in a symlink attack involving the .cups/client.conf file until the issue is resolved.Exploit
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Cups