Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2707

Overview

Vulnerability Score 8.3 8.3
CVE Id CVE-2014-2707
Last Modified 26 Jun 2014 12:49:43
Published 17 Apr 2014 10:55:11
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2707

Summary

cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."

Vulnerable Systems

Application

  • Linuxfoundation Cups-filters 1.0.41

  • Linuxfoundation Cups-filters 1.0.42

  • Linuxfoundation Cups-filters 1.0.43

  • Linuxfoundation Cups-filters 1.0.44

  • Linuxfoundation Cups-filters 1.0.45

  • Linuxfoundation Cups-filters 1.0.46

  • Linuxfoundation Cups-filters 1.0.47

  • Linuxfoundation Cups-filters 1.0.48

  • Linuxfoundation Cups-filters 1.0.49

  • Linuxfoundation Cups-filters 1.0.50


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1083326

SECUNIA - 57530

MLIST - [oss-security] 20140402 Re: cups-browsed remote exploit

FEDORA - FEDORA-2014-4708

CONFIRM - http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7188#NEWS

UBUNTU - USN-2210-1


Last Updated: 27 May 2016 11:05:02