~ubuntu-security/ubuntu-cve-tracker/master

PublicDateAtUSN: 2010-03-03
Candidate: CVE-2010-0393
PublicDate: 2010-03-05
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
 http://www.ubuntu.com/usn/usn-906-1
Description:
 The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2,
 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the
 file that provides localized message strings, which allows local users to
 gain privileges via a file that contains crafted localization data with
 format string specifiers.
Ubuntu-Description: 
Notes: 
 mdeslaur> Fortify source removed the root escalation part
Bugs: 
Priority: medium
Discovered-by: Ronald Volgers
Assigned-to: 

Patches_cups:
Tags_cups: fortify-source
upstream_cups: needs-triage
dapper_cups: DNE
hardy_cups: DNE
intrepid_cups: released (1.3.9-2ubuntu9.5)
jaunty_cups: released (1.3.9-17ubuntu3.6)
karmic_cups: released (1.4.1-5ubuntu2.4)
devel_cups: released (1.4.2-10)

Patches_cupsys:
upstream_cupsys: needs-triage
dapper_cupsys: released (1.2.2-0ubuntu0.6.06.17)
hardy_cupsys: released (1.3.7-1ubuntu3.8)
intrepid_cupsys: DNE
jaunty_cupsys: DNE
karmic_cupsys: DNE
devel_cupsys: DNE