|Category:||Mandrake Local Security Checks|
|Title:||Mandriva Update for cups MDVSA-2012:179 (cups)|
|Summary:||The remote host is missing an update for the 'cups'; package(s) announced via the referenced advisory.|
The remote host is missing an update for the 'cups'
package(s) announced via the referenced advisory.
A vulnerability was discovered and corrected in cups:
CUPS 1.4.4, when running in certain Linux distributions such as
Debian GNU/Linux, stores the web interface administrator key in
/var/run/cups/certs/0 using certain permissions, which allows local
users in the lpadmin group to read or write arbitrary files as root
by leveraging the web interface (CVE-2012-5519).
The updated packages have been patched to correct this issue.
cups on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2
Please Install the Updated Packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-5519|
BugTraq ID: 56494
RedHat Security Advisories: RHSA-2013:0580
SuSE Security Announcement: SUSE-SU-2015:1041 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1044 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1056 (Google Search)
XForce ISS Database: cups-systemgroup-priv-esc(80012)
|Copyright||Copyright (c) 2012 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.