| Description: | cups-filters contains backends, filters, and other software required
to get the cups printing service working on operating systems other
than macos. If you use the Backend Error Handler (beh) to create an
accessible network printer, this security vulnerability can cause
remote code execution. `beh.c` contains the line `retval =
system(cmdline) >> 8;` which calls the `system` command with the
operand `cmdline`. `cmdline` contains multiple user controlled,
unsanitized values. As a result an attacker with network access to the
hosted print server can exploit this vulnerability to inject system
commands which are executed in the context of the running server. This
issue has been addressed in commit `8f2740357` and is expected to be
bundled in the next release. Users are advised to upgrade when
possible and to restrict access to network printers in the meantime.
|
