CUPS: Arbitrary file read/write — GLSA 201404-01

A vulnerability in CUPS may allow for arbitrary file access.

Affected Packages

net-print/cups on all architectures
Affected versions < 1.6.2-r5
Unaffected versions >= 1.6.2-r5

Background

CUPS, the Common Unix Printing System, is a full-featured print server.

Description

Members of the lpadmin group have admin access to the web interface, where they can edit the configuration file and set some “dangerous” directives (such as the log file names). This enables them to read or write files as the user running the CUPS webserver.
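
As an added example (not part of the advisory or of CUPS itself), the following shell function audits a configuration file for log file directives that point outside the expected log directory, which is the kind of change the description above warns about. The directive names `ErrorLog`, `AccessLog` and `PageLog`, the default directory `/var/log/cups`, and the sample configuration are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the advisory): flag CUPS log directives whose target
# is not a plain path under the expected log directory.
# Assumptions: directives ErrorLog/AccessLog/PageLog, default log directory
# /var/log/cups; the sample configuration at the bottom is constructed.

# audit_cups_logs FILE [LOGDIR]
# Prints "FLAG <line> <directive> <target>" for each finding.
# Exit status: 0 = clean, 1 = findings, 2 = file unreadable.
audit_cups_logs() {
    conf=$1
    logdir=${2:-/var/log/cups}
    [ -r "$conf" ] || { echo "cannot read: $conf" >&2; return 2; }
    awk -v logdir="$logdir" '
        /^[ \t]*#/ { next }                        # skip comment lines
        {
            d = tolower($1)                        # match directive name case-insensitively
            if (d != "errorlog" && d != "accesslog" && d != "pagelog") next
            t = $2
            if (t == "" || t == "syslog" || t == "stderr") next   # not a file path
            bad = 0
            if (index(t, logdir "/") != 1) bad = 1   # outside LOGDIR, or relative
            if (t ~ /(^|\/)\.\.(\/|$)/)    bad = 1   # has a .. path component
            if (bad) { printf "FLAG %d %s %s\n", NR, $1, t; found = 1 }
        }
        END { exit (found ? 1 : 0) }
    ' "$conf"
}

# Constructed sample: one expected target, two that need review.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed cupsd.conf fragment
LogLevel warn
AccessLog /var/log/cups/access_log
ErrorLog /home/alice/notes.txt
pagelog /var/log/cups/../../tmp/page_log
EOF
audit_cups_logs "$sample" || true
```

The check is purely textual: it does not resolve symbolic links, so a flagged or unflagged path should still be compared against what is actually on disk.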

Impact

A local attacker could possibly exploit this vulnerability to read or write files as the user running the CUPS webserver.

Workaround

There is no known workaround at this time.

Resolution

All CUPS users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-print/cups-1.6.2-r5"
 

References

Release Date
April 07, 2014

Latest Revision
April 07, 2014: 1

Severity
normal

Exploitable
local

Bugzilla entries