Test ID:	1.3.6.1.4.1.25623.1.0.841912
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2293-1)
Summary:	The remote host is missing an update for the 'cups' package(s) announced via the USN-2293-1 advisory.
Description:	Summary: The remote host is missing an update for the 'cups' package(s) announced via the USN-2293-1 advisory. Vulnerability Insight: Francisco Alonso discovered that the CUPS web interface incorrectly validated permissions on rss files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation. Affected Software/OS: 'cups' package(s) on Ubuntu 10.04, Ubuntu 12.04, Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 1.2 CVSS Vector: AV:L/AC:H/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3537 1030611 http://www.securitytracker.com/id/1030611 59945 http://secunia.com/advisories/59945 60273 http://secunia.com/advisories/60273 60787 http://secunia.com/advisories/60787 68788 http://www.securityfocus.com/bid/68788 APPLE-SA-2014-10-16-1 http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html FEDORA-2014-8351 http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html MDVSA-2015:108 http://www.mandriva.com/security/advisories?name=MDVSA-2015:108 RHSA-2014:1388 http://rhn.redhat.com/errata/RHSA-2014-1388.html USN-2293-1 http://www.ubuntu.com/usn/USN-2293-1 http://advisories.mageia.org/MGASA-2014-0313.html http://www.cups.org/blog.php?L724 http://www.cups.org/str.php?L4450 https://bugzilla.redhat.com/show_bug.cgi?id=1115576 https://support.apple.com/kb/HT6535
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.