Computer Security
[EN] securityvulns.ru no-pyccku


CUPS privilege escalation
Published:07.12.2012
Source:
SecurityVulns ID:12746
Type:local
Threat Level:
5/10
Description:Weak permissions for configuration files.
Affected:CUPS : CUPS 1.4
CVE:CVE-2012-5519 (CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.)
Original documentdocumentUBUNTU, [USN-1654-1] CUPS vulnerability (07.12.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod