Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for cups (openSUSE-SU-2015:1056-1)
Summary:The remote host is missing an update for the 'cups'; package(s) announced via the referenced advisory.
The remote host is missing an update for the 'cups'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This update fixes the following issues:

- CVE-2015-1158 and CVE-2015-1159 fixes a possible privilege escalation
via cross-site scripting and bad print job submission used to replace
cupsd.conf on server (CUPS STR#4609 CERT-VU-810572 CVE-2015-1158
CVE-2015-1159 bsc#924208). In general it is crucial to
limit access to CUPS to trustworthy users who do not misuse their
permission to submit print jobs which means to upload arbitrary data
onto the CUPS server, see the references and cf. the
entries about CVE-2012-5519.

Affected Software/OS:
cups on openSUSE 13.1

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-5519
BugTraq ID: 56494
RedHat Security Advisories: RHSA-2013:0580
SuSE Security Announcement: SUSE-SU-2015:1041 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1044 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1056 (Google Search)
XForce ISS Database: cups-systemgroup-priv-esc(80012)
Common Vulnerability Exposure (CVE) ID: CVE-2015-1158
BugTraq ID: 75098
CERT/CC vulnerability note: VU#810572
Debian Security Information: DSA-3283 (Google Search)
RedHat Security Advisories: RHSA-2015:1123
Common Vulnerability Exposure (CVE) ID: CVE-2015-1159
BugTraq ID: 75106
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.