Summary: | net-print/cups<1.3.8 DOS (CVE-2008-{5183,5184}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | printing |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.cups.org/str.php?L2774 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2008-11-25 09:19:29 UTC
Name: CVE-2008-5184 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5184 Published: 2008-11-20 Severity: High Description: The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions. Also see: http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/ I'm going to completely remove all net-print/cups<1.3.8 from the tree now that all arches have stabilized CUPS 1.3(.8). Regarding this bug, CUPS 1.2.x possibly isn't affected by this since it didn't have a RSS option back then. Everything which is net-print/cups<1.3.8 is now gone, net-print/cups-1.3.8-r2 is stable on all arches and I guess net-print/cups-1.3.9-r1 is going to be stabilized due to security bug #249727. This has been covered with GLSA 200812-11, closing. |