oss-sec mailing list archives
Re: cups-browsed remote exploit
From: cve-assign () mitre org
Date: Wed, 2 Apr 2014 16:18:11 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
For this it creates a filter-script snprintf "%s/filter/pdftoippprinter \"$1\" \"$2\" \"$3\" \"$4\" \"$5 $extra_options\"\n", p->name, pdl, make_model, cups_serverbin); its easy to inject code to the script e.g. via model name or pdl key which is taken from the LAN packets.
Use CVE-2014-2707. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTPG+wAAoJEKllVAevmvmsURkIAKl8pUwj4b/v8yc/DeRw+Hp+ lc+eaJ6SN2qsZXK3thqK1Ail6oMIQTzlR/sfzhDnTYXHAK6d1p/HZXz6ZcqsJ8Fa RvsXTlMhGj+VeKWkYMUeVGi4I1O2I33+i/mnwysYaX0XlC09axg+jou3AM4bZWzM vr6OxhZwhJpjI0EXJVjTZDQP+7sO6fUe20ZVuL+IUTcUzKrpqyJ2cNaz6ZgX7JpG +Kj7OFTOSYu1mNJfq2oKVTRqtA9oXB+7kF3KZjfDGtSzuaMwyjvs6I2hJZw+FbUQ FJKR+Qlo3dCQRfjz/KTe8sEhouZtukN/HsZv/cSmiTNbukw5PNzcJGDkwp+2IgU= =znhE -----END PGP SIGNATURE-----
Current thread:
- cups-browsed remote exploit Sebastian Krahmer (Apr 01)
- Re: cups-browsed remote exploit cve-assign (Apr 02)
- Re: Re: cups-browsed remote exploit Jamie Strandboge (Apr 25)
- Re: Re: cups-browsed remote exploit Tomas Hoger (Jun 19)
- Re: cups-browsed remote exploit cve-assign (Jun 19)
- Re: Re: cups-browsed remote exploit Jamie Strandboge (Apr 25)
- Re: cups-browsed remote exploit cve-assign (Apr 02)