Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: cups-browsed remote exploit
From: cve-assign () mitre org
Date: Wed, 2 Apr 2014 16:18:11 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

For this it creates a filter-script

snprintf

"%s/filter/pdftoippprinter \"$1\" \"$2\" \"$3\" \"$4\" \"$5 $extra_options\"\n",
p->name, pdl, make_model, cups_serverbin);

its easy to inject code to the script e.g. via model name or pdl key
which is taken from the LAN packets.

Use CVE-2014-2707.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTPG+wAAoJEKllVAevmvmsURkIAKl8pUwj4b/v8yc/DeRw+Hp+
lc+eaJ6SN2qsZXK3thqK1Ail6oMIQTzlR/sfzhDnTYXHAK6d1p/HZXz6ZcqsJ8Fa
RvsXTlMhGj+VeKWkYMUeVGi4I1O2I33+i/mnwysYaX0XlC09axg+jou3AM4bZWzM
vr6OxhZwhJpjI0EXJVjTZDQP+7sO6fUe20ZVuL+IUTcUzKrpqyJ2cNaz6ZgX7JpG
+Kj7OFTOSYu1mNJfq2oKVTRqtA9oXB+7kF3KZjfDGtSzuaMwyjvs6I2hJZw+FbUQ
FJKR+Qlo3dCQRfjz/KTe8sEhouZtukN/HsZv/cSmiTNbukw5PNzcJGDkwp+2IgU=
=znhE
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault