Lucene search
K

4 matches found

Rosalinux
Rosalinux
added 2021/07/02 4:35 p.m.24 views

Advisory ROSA-SA-2021-1816

Software: cups 1.6.3 OS: Cobalt 7.9 CVE-ID: CVE-2013-6891 CVE-Crit: HIGH CVE-DESC: lppasswd in CUPS before 1.7.1 when run with setuid privileges allows local users to read parts of arbitrary files via modified HOME environment variable and symbolic link attack using .cups / client.conf. CVE-STATU...

5.9CVSS6.9AI score0.02255EPSS
Exploits3
OSV
OSV
added 2014/01/26 1:55 a.m.7 views

CVE-2013-6891

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf...

6AI score
Exploits0References7
CVE
CVE
added 2014/01/26 1:0 a.m.223 views

CVE-2013-6891

CVE-2013-6891 affects CUPS prior to 1.7.1. The lppasswd tool, when run with setuid, allows local users to read portions of arbitrary files via a crafted HOME environment and a symlink attack on .cups/client.conf. Impact is local information disclosure; there is no remote code execution stated. Th...

1.2CVSS6AI score0.00446EPSS
Exploits1References6Affected Software1
Mageia
Mageia
added 2014/01/21 4:19 p.m.58 views

Updated cups packages fix a security vulverability

Updated cups packages fix security vulnerability: Jann Horn discovered that the CUPS lppasswd tool incorrectly read a user configuration file in certain configurations. A local attacker could use this to read sensitive information from certain files, bypassing access restrictions CVE-2013-6891...

1.2CVSS1.1AI score0.00446EPSS
Exploits1References3
Rows per page
Query Builder