Privilege Escalation

2020-04-1000:53:11

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

2.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:P/A:P

JSON

cups is vulnerable to privilege escalation. A possible privilege escalation flaw was found in CUPS. An unprivileged process running as the “lp” user (such as a compromised external filter program spawned by the CUPS server) could trick the CUPS server into overwriting arbitrary files as the root user.

CPENameOperatorVersion
cupseq1.2.4__11.18.el5_2.1
cupseq1.2.4__11.5.1.el5
cupseq1.2.4__11.14.el5
cupseq1.3.7__11.el5_4.5
cupseq1.3.7__8.el5
cupseq1.2.4__11.14.el5_1.4
cupseq1.3.7__11.el5_4.6
cupseq1.2.4__11.14.el5_1.6
cupseq1.2.4__11.18.el5_2.2
cupseq1.3.7__8.el5_3.6

Name	Operator	Version
cups	eq	1.2.4__11.18.el5_2.1
cups	eq	1.2.4__11.5.1.el5
cups	eq	1.2.4__11.14.el5
cups	eq	1.3.7__11.el5_4.5
cups	eq	1.3.7__8.el5
cups	eq	1.2.4__11.14.el5_1.4
cups	eq	1.3.7__11.el5_4.6
cups	eq	1.2.4__11.14.el5_1.6
cups	eq	1.2.4__11.18.el5_2.2
cups	eq	1.3.7__8.el5_3.6