Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mandriva Update for cups MDVSA-2012:179 (cups)

Information

Severity

Severity

High

Family

Family

Mandrake Local Security Checks

CVSSv2 Base

CVSSv2 Base

7.2

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

11 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory.

Insight

Insight

A vulnerability was discovered and corrected in cups: CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface (CVE-2012-5519). The updated packages have been patched to correct this issue.

Affected Software

Affected Software

cups on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2

Solution

Solution

Please Install the Updated Packages.

Common Vulnerabilities and Exposures (CVE)