#VU43321 Permissions, Privileges, and Access Controls in CUPS - CVE-2012-5519

 


Published: November 20, 2012 / Updated: June 15, 2023


Vulnerability identifier: #VU43321
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber
CVE-ID: CVE-2012-5519
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vulnerable software: CUPS
Software vendor: Apple Inc.

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
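As an added example (not part of the advisory and not CUPS code), the following Python check reports which local accounts the file mode on the administrator key lets through. The path and the lpadmin group name come from the description above; the function names are hypothetical.

```python
import grp
import os
import pwd
import stat

# Path and group name as given in the advisory text.
CERT_PATH = "/var/run/cups/certs/0"
ADMIN_GROUP = "lpadmin"


def group_members(gid):
    """Return (group name, accounts in it), counting primary-group membership too."""
    try:
        entry = grp.getgrgid(gid)
    except KeyError:  # gid has no entry in the group database
        return str(gid), []
    names = set(entry.gr_mem)
    names.update(p.pw_name for p in pwd.getpwall() if p.pw_gid == gid)
    return entry.gr_name, sorted(names)


def audit_cert(path=CERT_PATH):
    """Report which non-owner accounts the file mode lets reach the admin key."""
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    group_name, members = group_members(st.st_gid)
    return {
        "mode": oct(mode),
        "group": group_name,
        "group_access": bool(mode & (stat.S_IRGRP | stat.S_IWGRP)),
        "other_access": bool(mode & (stat.S_IROTH | stat.S_IWOTH)),
        "members": members,
    }


if __name__ == "__main__":
    try:
        r = audit_cert()
    except OSError as exc:  # file missing, or caller not allowed to stat it
        print(f"cannot inspect {CERT_PATH}: {exc}")
    else:
        print(f"{CERT_PATH}: mode {r['mode']}, group {r['group']}")
        if r["group_access"]:
            print("key reachable by group members:", ", ".join(r["members"]) or "(none listed)")
        if r["other_access"]:
            print("key reachable by every local account")
        if r["group"] != ADMIN_GROUP:
            print(f"note: owning group is {r['group']}, not {ADMIN_GROUP}")
```

Run it as root on the print server; every account it lists should be one that is trusted with root-equivalent file access until the update is installed.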


Remediation

Install update from vendor's website.
