CUPS vulnerabilities

Releases

• Ubuntu 10.04
• Ubuntu 9.10
• Ubuntu 9.04
• Ubuntu 8.04
• Ubuntu 6.06

Packages

• cups -
• cupsys -

Details

Adrian Pastor and Tim Starling discovered that the CUPS web interface
incorrectly protected against cross-site request forgery (CSRF) attacks. If
an authenticated user were tricked into visiting a malicious website while
logged into CUPS, a remote attacker could modify the CUPS configuration and
possibly steal confidential data. (CVE-2010-0540)

It was discovered that CUPS did not properly handle memory allocations in
the texttops filter. If a user or automated system were tricked into
printing a crafted text file, a remote attacker could cause a denial of
service or possibly execute arbitrary code with privileges of the CUPS user
(lp). (CVE-2010-0542)

Luca Carettoni discovered that the CUPS web interface incorrectly handled
form variables. A remote attacker who had access to the CUPS web interface
could use this flaw to read a limited amount of memory from the cupsd
process and possibly obtain confidential data. (CVE-2010-1748)