Medium: cups

2013-03-1422:04:00

alas.aws.amazon.com

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

45.7%

JSON

Issue Overview:

It was discovered that CUPS administrative users (members of the SystemGroups groups) who are permitted to perform CUPS configuration changes via the CUPS web interface could manipulate the CUPS configuration to gain unintended privileges. Such users could read or write arbitrary files with the privileges of the CUPS daemon, possibly allowing them to run arbitrary code with root privileges. (CVE-2012-5519)

After installing this update, the ability to change certain CUPS configuration directives remotely will be disabled by default. The newly introduced ConfigurationChangeRestriction directive can be used to enable the changing of the restricted directives remotely.

Affected Packages:

cups

Issue Correction:
Run yum update cups to update your system.

New Packages:

i686:  
    cups-debuginfo-1.4.2-50.18.amzn1.i686  
    cups-libs-1.4.2-50.18.amzn1.i686  
    cups-devel-1.4.2-50.18.amzn1.i686  
    cups-lpd-1.4.2-50.18.amzn1.i686  
    cups-php-1.4.2-50.18.amzn1.i686  
    cups-1.4.2-50.18.amzn1.i686  
  
src:  
    cups-1.4.2-50.18.amzn1.src  
  
x86_64:  
    cups-1.4.2-50.18.amzn1.x86_64  
    cups-devel-1.4.2-50.18.amzn1.x86_64  
    cups-php-1.4.2-50.18.amzn1.x86_64  
    cups-debuginfo-1.4.2-50.18.amzn1.x86_64  
    cups-lpd-1.4.2-50.18.amzn1.x86_64  
    cups-libs-1.4.2-50.18.amzn1.x86_64

Additional References

Red Hat: CVE-2012-5519

Mitre: CVE-2012-5519

OSVersionArchitecturePackageVersionFilename
Amazon Linux1i686cups-debuginfo< 1.4.2-50.18.amzn1cups-debuginfo-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux1i686cups-libs< 1.4.2-50.18.amzn1cups-libs-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux1i686cups-devel< 1.4.2-50.18.amzn1cups-devel-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux1i686cups-lpd< 1.4.2-50.18.amzn1cups-lpd-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux1i686cups-php< 1.4.2-50.18.amzn1cups-php-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux1i686cups< 1.4.2-50.18.amzn1cups-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux1x86_64cups< 1.4.2-50.18.amzn1cups-1.4.2-50.18.amzn1.x86_64.rpm
Amazon Linux1x86_64cups-devel< 1.4.2-50.18.amzn1cups-devel-1.4.2-50.18.amzn1.x86_64.rpm
Amazon Linux1x86_64cups-php< 1.4.2-50.18.amzn1cups-php-1.4.2-50.18.amzn1.x86_64.rpm
Amazon Linux1x86_64cups-debuginfo< 1.4.2-50.18.amzn1cups-debuginfo-1.4.2-50.18.amzn1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	i686	cups-debuginfo	< 1.4.2-50.18.amzn1	cups-debuginfo-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux	1	i686	cups-libs	< 1.4.2-50.18.amzn1	cups-libs-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux	1	i686	cups-devel	< 1.4.2-50.18.amzn1	cups-devel-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux	1	i686	cups-lpd	< 1.4.2-50.18.amzn1	cups-lpd-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux	1	i686	cups-php	< 1.4.2-50.18.amzn1	cups-php-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux	1	i686	cups	< 1.4.2-50.18.amzn1	cups-1.4.2-50.18.amzn1.i686.rpm
Amazon Linux	1	x86_64	cups	< 1.4.2-50.18.amzn1	cups-1.4.2-50.18.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	cups-devel	< 1.4.2-50.18.amzn1	cups-devel-1.4.2-50.18.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	cups-php	< 1.4.2-50.18.amzn1	cups-php-1.4.2-50.18.amzn1.x86_64.rpm
Amazon Linux	1	x86_64	cups-debuginfo	< 1.4.2-50.18.amzn1	cups-debuginfo-1.4.2-50.18.amzn1.x86_64.rpm