Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:11218
HistoryJan 15, 2019 - 8:58 a.m.

Arbitrary File Write

2019-01-1508:58:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

cups is vulnerable to arbitrary file write attacks. The vulnerability exists as CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.

References

Related

openvas 25
nessus 19
redhat 1
ubuntucve 1
prion 1
debiancve 1
debian 1
fedora 2
ubuntu 1
securityvulns 4
osv 1
cve 1
oraclelinux 1
gentoo 1
amazon 1
centos 1
suse 4
openvas
openvas
CentOS Update for cups CESA-2013:0580 centos5
2013-03-05 00:00:00
Debian: Security Advisory (DSA-2600-1)
2013-01-05 00:00:00
Mandriva Update for cups MDVSA-2012:179 (cups)
2012-12-14 00:00:00
nessus
nessus
RHEL 5 / 6 : cups (RHSA-2013:0580)
2013-03-01 00:00:00
Amazon Linux AMI : cups (ALAS-2013-170)
2013-09-04 00:00:00
SuSE 11.2 / 11.3 Security Update : CUPS (SAT Patch Numbers 8436 / 8437)
2013-11-12 00:00:00
redhat
redhat
(RHSA-2013:0580) Moderate: cups security update
2013-02-28 00:00:00
ubuntucve
ubuntucve
CVE-2012-5519
2012-11-19 00:00:00
prion
prion
Design/Logic Flaw
2012-11-20 00:55:00
debiancve
debiancve
CVE-2012-5519
2012-11-20 00:55:00
debian
debian
[SECURITY] [DSA 2600-1] cups security update
2013-01-06 17:33:19
fedora
fedora
[SECURITY] Fedora 18 Update: cups-1.5.4-20.fc18
2013-01-12 01:01:29
[SECURITY] Fedora 17 Update: cups-1.5.4-18.fc17
2013-02-26 02:42:00
ubuntu
ubuntu
CUPS vulnerability
2012-12-05 00:00:00
securityvulns
securityvulns
CUPS privilege escalation
2012-12-07 00:00:00
[USN-1654-1] CUPS vulnerability
2012-12-07 00:00:00
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
osv
osv
cups - privilege escalation
2013-01-06 00:00:00
cve
cve
CVE-2012-5519
2012-11-20 00:55:00
oraclelinux
oraclelinux
cups security update
2013-02-28 00:00:00
gentoo
gentoo
CUPS: Arbitrary file read/write
2014-04-07 00:00:00
amazon
amazon
Medium: cups
2013-03-14 22:04:00
centos
centos
cups security update
2013-03-01 10:00:14
suse
suse
Security update for cups (critical)
2015-06-11 17:05:04
Security update for cups (critical)
2015-06-12 21:05:05
Security update for cups154 (critical)
2015-06-11 20:06:22

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:11218
openvas25nessus19redhat1ubuntucve1prion1debiancve1debian1fedora2ubuntu1securityvulns4osv1cve1oraclelinux1gentoo1amazon1centos1suse4