CLSA-2025-1762537354 cups: Fix of CVE-2024-35235

CVE-2024-35235: patch arbitrary chmod vulnerability in cupsd process when starting server with symbolic link Listen configuration item...

cups: Cupsd Listen arbitrary chmod 0140777

A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this...

CVE-2024-35235

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the...

PT-2024-5078 · Openprinting +10 · Openprinting Cups +10

Name of the Vulnerable Software and Affected Versions: OpenPrinting CUPS versions 2.4.8 and earlier Description: The issue is related to the cupsd server, which can be caused to perform an arbitrary chmod of the provided argument when starting with a Listen configuration item pointing to a symbol...

CUPS 1.1.x - Cupsd Request Method Denial of Service

CUPS 1.1.x - Cupsd Request Method Denial of Service source: https://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to...

CUPS 1.1.x - Cupsd Request Method Denial of Service

source: https://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to subsequent cupsd requests. This issue may be exploited...