CVE-2012-5519
Publication date 19 November 2012
Last updated 24 July 2024
Ubuntu priority
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.
Status
Package | Ubuntu Release | Status |
---|---|---|
cups | 12.10 quantal | Fixed 1.6.1-0ubuntu11.3 |
cups | 12.04 LTS precise | Fixed 1.5.3-0ubuntu5.1 |
cups | 11.10 oneiric | Fixed 1.5.0-8ubuntu7.3 |
cups | 10.04 LTS lucid | Fixed 1.4.3-1ubuntu1.9 |
cups | 8.04 LTS hardy | Not in release |
cupsys | 12.10 quantal | Not in release |
cupsys | 12.04 LTS precise | Not in release |
cupsys | 11.10 oneiric | Not in release |
cupsys | 10.04 LTS lucid | Not in release |
cupsys | 8.04 LTS hardy | Fixed 1.3.7-1ubuntu3.16 |
Notes
mdeslaur
On Ubuntu, file disclosure and corruption are limited by the AppArmor profile, which limits exposure. It still can access some important files though, such as /etc/shadow. Upstream patch moves dangerous configuration options to a second config file which is not web-editable. Although this is a good long-term solution, the changes are too intrusive for a security update. The most sensible thing to do at this time is to completely disable modifying the cupsd.conf file via the web interface.
References
Related Ubuntu Security Notices (USN)
- USN-1654-1: CUPS vulnerability (5 December 2012)