Lucene search
Gentoo FoundationMGASA-2024-0227HistoryJun 17, 2024 - 8:44 p.m.
Updated cups packages fix security vulnerability
2024-06-1720:44:07
Gentoo Foundation
advisories.mageia.org
20
cups packages
security vulnerability
chmod
world-writable access
unix
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
7
Confidence
Low
EPSS
0
Percentile
5.2%
When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | cups | < 2.4.6-1.2 | cups-2.4.6-1.2.mga9 |
Related
openvas
openvas
Ubuntu: Security Advisory (USN-6844-1)
2024-06-25 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2002-1)
2024-06-13 00:00:00
Fedora: Security Advisory (FEDORA-2024-7c36291390)
2024-08-06 00:00:00
nessus
nessus
RHEL 8 : cups (RHSA-2024:4265)
2024-07-02 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : CUPS vulnerability (USN-6844-1)
2024-06-24 00:00:00
RHEL 9 : cups (RHSA-2024:4776)
2024-07-23 00:00:00
slackware
slackware
[slackware-security] cups
2024-06-11 21:55:39
redhat
redhat
(RHSA-2024:5644) Moderate: cups security update
2024-08-20 15:39:16
(RHSA-2024:4265) Moderate: cups security update
2024-07-02 13:57:52
(RHSA-2024:4715) Moderate: cups security update
2024-07-23 08:05:26
osv
osv
Security update for cups
2024-06-12 05:30:57
CVE-2024-35235
2024-06-11 15:16:07
Moderate: cups security update
2024-07-02 00:00:00
almalinux
almalinux
Moderate: cups security update
2024-07-02 00:00:00
Moderate: cups security update
2024-07-23 00:00:00
alpinelinux
alpinelinux
CVE-2024-35235
2024-06-11 15:16:07
redos
redos
ROS-20240806-19
2024-08-06 00:00:00
oraclelinux
oraclelinux
cups security update
2024-07-23 00:00:00
cups security update
2024-07-02 00:00:00
vulnrichment
vulnrichment
CVE-2024-35235 Cupsd Listen arbitrary chmod 0140777
2024-06-11 14:13:23
redhatcve
redhatcve
CVE-2024-35235
2024-06-12 00:40:16
nvd
nvd
CVE-2024-35235
2024-06-11 15:16:07
ubuntucve
ubuntucve
CVE-2024-35235
2024-06-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-35235 affecting package cups for versions less than 2.4.10-1
2024-07-22 15:42:40
cvelist
cvelist
CVE-2024-35235 Cupsd Listen arbitrary chmod 0140777
2024-06-11 14:13:23
cve
cve
CVE-2024-35235
2024-06-11 15:16:07
fedora
fedora
[SECURITY] Fedora 39 Update: cups-2.4.10-1.fc39
2024-07-13 02:42:10
[SECURITY] Fedora 40 Update: cups-2.4.10-1.fc40
2024-07-02 02:34:49
debiancve
debiancve
CVE-2024-35235
2024-06-11 15:16:07
ubuntu
ubuntu
CUPS vulnerability
2024-06-24 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2024-4.0-0629
2024-06-11 00:00:00
Moderate Photon OS Security Update - PHSA-2024-5.0-0289
2024-06-11 00:00:00
ibm
ibm
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Sept 2024
2024-09-25 16:29:13
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2024.
2024-09-08 15:34:03
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-07-31 19:41:25
CVSS3
4.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
7
Confidence
Low
EPSS
0
Percentile
5.2%
Related for MGASA-2024-0227