Bug 35357 - cups: Information disclosure / privilege escalation (3.2)
cups: Information disclosure / privilege escalation (3.2)
Status: RESOLVED DUPLICATE of bug 35402
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.2-x-errata
Assigned To: Security maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-07-15 07:42 CEST by Moritz Muehlenhoff
Modified: 2015-02-17 07:24 CET (History)
0 users

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2014-07-15 07:42:27 CEST
CVE-2014-3537

Cups features a built-in RSS mechanism to notify users of the print scheduler status. The CUPS web server serves requests to any URL starting with "/rss" with the respecitive file below /var/cache/cups/rss/. This directory is writable by the group "sys" and the CUPS web server follows symlinks, i.e. it would be possible to symlink to e.g. /etc/machine.secret.

The impact on UCS is rather low: "sys" is a local group and empty by default.
Comment 1 Moritz Muehlenhoff univentionstaff 2015-02-17 07:24:53 CET

*** This bug has been marked as a duplicate of bug 35402 ***