Summary: | <net-print/cups-filters-1.0.53: inadequate fix for CVE-2014-2707 (CVE-2014-{4336,4337,4338}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1091565 | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-04-27 09:10:52 UTC
Arches please test and stabilize net-print/cups-1.0.53 Target: all stable arches Stable for HPPA. Arches, please test and mark stable: =net-print/cups-1.0.53 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 spark x86" Thank you! amd64 stable x86 stable arm stable ppc stable ppc64 stable ia64 stable sparc stable alpha stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. All vulnerable versions removed. Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. This issue was resolved and addressed in GLSA 201406-16 at http://security.gentoo.org/glsa/glsa-201406-16.xml by GLSA coordinator Mikle Kolyada (Zlogene). CVE-2014-4338 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4338): cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses. CVE-2014-4337 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4337): The process_browse_data function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted packet data. CVE-2014-4336 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4336): The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707. |