正文

Easy Software Products CUPS访问控制列表绕过漏洞

admin
admin V管理员 /0 评论 /9 阅读
1231
此篇文章发布距今已超过1284天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Easy Software Products CUPS访问控制列表绕过漏洞

  • CNNVD编号:CNNVD-200412-588
    • <!--
  • 危害等级: 高危-->
  • 危害等级: 高危
  • CVE编号: CVE-2004-2154
  • 漏洞类型: 访问验证错误
  • 发布时间: 2004-12-31
  • 威胁类型: 远程
  • 更新时间: 2005-10-20
  • 厂        商: easy_software_products
  • 漏洞来源: This issue was rep...

漏洞简介

CUPS 1.1.21rc1以前版本将cupsd.conf的Location指令作为敏感情况。攻击者可以借助包含大写或小写字母的打印机名称绕过预定ACLs,该打印机名称与指令中指明的不同。

漏洞公告

The vendor has released a fixed version of the affected software to address this issue. Please see the referenced advisories for more information. Easy Software Products CUPS 1.0.4 -8

  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.0.4
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.1
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.10
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.12
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.13
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.14
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
  • RedHat cups-1.1.14-15.4.5.legacy.i386.rpmRed Hat Linux 7.3 http://download.fedoralegacy.org/redhat/7.3/updates/i386/cups-1.1.14-1 5.4.5.legacy.i386.rpm
  • RedHat cups-1.1.17-13.3.0.14.legacy.i386.rpmRed Hat Linux 9 http://download.fedoralegacy.org/redhat/9/updates/i386/cups-1.1.17-13. 3.0.14.legacy.i386.rpm
  • RedHat cups-devel-1.1.14-15.4.5.legacy.i386.rpmRed Hat Linux 7.3 http://download.fedoralegacy.org/redhat/7.3/updates/i386/cups-devel-1. 1.14-15.4.5.legacy.i386.rpm
  • RedHat cups-devel-1.1.17-13.3.0.14.legacy.i386.rpmRed Hat Linux 9 http://download.fedoralegacy.org/redhat/9/updates/i386/cups-devel-1.1. 17-13.3.0.14.legacy.i386.rpm
  • RedHat cups-libs-1.1.14-15.4.5.legacy.i386.rpmFedora Legacy 7.3 http://download.fedoralegacy.org/redhat/7.3/updates/i386/cups-libs-1.1 .14-15.4.5.legacy.i386.rpm
  • RedHat cups-libs-1.1.17-13.3.0.14.legacy.i386.rpmRed Hat Linux 9 http://download.fedoralegacy.org/redhat/9/updates/i386/cups-libs-1.1.1 7-13.3.0.14.legacy.i386.rpm
Easy Software Products CUPS 1.1.15
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.16
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
  • Mandriva cups-1.1.20-5.9.C30mdk.i586.rpmCorporate 3.0: http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva cups-common-1.1.20-5.9.C30mdk.i586.rpmCorporate 3.0: http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva cups-serial-1.1.20-5.9.C30mdk.i586.rpmCorporate 3.0: http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva libcups1-1.1.18-2.11.C21mdk.i586.rpmCorporate Server 2.1: http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva libcups1-1.1.18-2.11.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64 http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva libcups1-devel-1.1.18-2.11.C21mdk.i586.rpmCorporate Server 2.1: http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva libcups1-devel-1.1.18-2.11.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64 http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva libcups2-1.1.20-5.9.C30mdk.i586.rpmCorporate 3.0: http://www1.mandrivalinux.com/en/ftp.php3
  • Mandriva libcups2-devel-1.1.20-5.9.C30mdk.i586.rpmCorporate 3.0: http://www1.mandrivalinux.com/en/ftp.php3
Easy Software Products CUPS 1.1.17
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
  • RedHat cups-1.1.17-13.3.0.14.legacy.i386.rpmFedora Core 1 http://download.fedoralegacy.org/redhat/9/updates/i386/cups-1.1.17-13. 3.0.14.legacy.i386.rpm
  • RedHat cups-devel-1.1.17-13.3.0.14.legacy.i386.rpmFedora Core 1 http://download.fedoralegacy.org/redhat/9/updates/i386/cups-devel-1.1. 17-13.3.0.14.legacy.i386.rpm
  • RedHat cups-libs-1.1.17-13.3.0.14.legacy.i386.rpmFedora Core 1 http://download.fedoralegacy.org/redhat/9/updates/i386/cups-libs-1.1.1 7-13.3.0.14.legacy.i386.rpm
Easy Software Products CUPS 1.1.18
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
Easy Software Products CUPS 1.1.19
  • Easy Software Products CUPS 1.1.21 http://www.cups.org/software.php
  • RedHat cups-1.1.19-13.9.legacy.i386.rpmFedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/cups-1.1.19-13. 9.legacy.i386.rpm
  • RedHat cups-devel-1.1.19-13.9.legacy.i386.rpmFedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/cups-devel-1.1. 19-13.9.legacy.i386.rpm
  • RedHat cups-libs-1.1.19-13.9.legacy.i386.rpmFedora Core 1 http://download.fedoralegacy.org/fedora/1/updates/i386/cups-libs-1.1.1 9-13.9.legacy.i386.rpm

参考网址

来源: www.cups.org 链接:http://www.cups.org/str.php?L700 来源: bugzilla.redhat.com 链接:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405 来源: OVAL 名称: oval:org.mitre.oval:def:9940 链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9940 来源: FEDORA 名称: FLSA:163274 链接:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274 来源: UBUNTU 名称: USN-185-1 链接:http://www.ubuntu.com/usn/usn-185-1 来源: REDHAT 名称: RHSA-2005:571 链接:http://www.redhat.com/support/errata/RHSA-2005-571.html 来源: SUSE 名称: SUSE-SR:2005:018 链接:http://www.novell.com/linux/security/advisories/2005_18_sr.html

受影响实体

  • Easy_software_products Cups:1.1.19_rc5  
    <!--
    2000-1-1
    -->
  • Easy_software_products Cups:1.1.20  
    <!--
    2000-1-1
    -->
  • Easy_software_products Cups:1.1.19  
    <!--
    2000-1-1
    -->
  • Easy_software_products Cups:1.1.17  
    <!--
    2000-1-1
    -->
  • Easy_software_products Cups:1.1.18  
    <!--
    2000-1-1
    -->

补丁

    暂无