Updated cups packages fix security vulnerability
Publication date: 05 Aug 2014Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3537 , CVE-2014-5029 , CVE-2014-5030 , CVE-2014-5031
Description
In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd (CVE-2014-3537). It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation (CVE-2014-5029, CVE-2014-5030, CVE-2014-5031).
References
- https://bugs.mageia.org/show_bug.cgi?id=13783
- https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135528.html
- https://www.debian.org/security/2014/dsa-2990
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
SRPMS
3/core
- cups-1.5.4-9.4.mga3
4/core
- cups-1.7.0-7.3.mga4