Lucene search

K

PRIOn knowledge basePRION:CVE-2010-2431

HistoryJun 22, 2010 - 8:30 p.m.

Design/Logic Flaw

2010-06-2220:30:00

PRIOn knowledge base

www.prio-n.com

3

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file.

CPENameOperatorVersion
cupseq1.1.20
cupseq1.1.5-2
cupseq1.3.9
cupseq1.1.14
cupseq1.3 rc2
cupseq1.1.6-1
cupseq1.1.18
cupseq1.1.12
cupsle1.4.3
cupseq1.3.11

Rows per page:

1-10 of 841

References

cups.org/articles.php?L596

cups.org/str.php?L3510

rhn.redhat.com/errata/RHSA-2010-0811.html

secunia.com/advisories/43521

security.gentoo.org/glsa/glsa-201207-10.xml

www.debian.org/security/2011/dsa-2176

www.mandriva.com/security/advisories?name=MDVSA-2010:232

www.mandriva.com/security/advisories?name=MDVSA-2010:234

www.vupen.com/english/advisories/2010/2856

www.vupen.com/english/advisories/2011/0535

bugzilla.redhat.com/show_bug.cgi?id=605397

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

Related for PRION:CVE-2010-2431

ubuntucve1 debiancve1 veracode1 cve1 oraclelinux1 openvas10 centos1 nessus11 redhat1 osv1 debian1 gentoo1