Bug 35357 – cups: Information disclosure / privilege escalation (3.2)

Bug 35357 - cups: Information disclosure / privilege escalation (3.2)


Summary:	cups: Information disclosure / privilege escalation (3.2)

Status:	RESOLVED DUPLICATE of bug 35402

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 3.2
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 3.2-x-errata
Assigned To:	Security maintainers
QA Contact:

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2014-07-15 07:42 CEST by Moritz Muehlenhoff
Modified:	2015-02-17 07:24 CET (History)
CC List:	0 users

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Moritz Muehlenhoff

2014-07-15 07:42:27 CEST

CVE-2014-3537

Cups features a built-in RSS mechanism to notify users of the print scheduler status. The CUPS web server serves requests to any URL starting with "/rss" with the respecitive file below /var/cache/cups/rss/. This directory is writable by the group "sys" and the CUPS web server follows symlinks, i.e. it would be possible to symlink to e.g. /etc/machine.secret.

The impact on UCS is rather low: "sys" is a local group and empty by default.

Comment 1 Moritz Muehlenhoff

2015-02-17 07:24:53 CET


*** This bug has been marked as a duplicate of bug 35402 ***