oss-sec mailing list archives

Re: CUPS printing system vulnerabilities

From: Will Dormann <will.dormann () analygence com>
Date: Fri, 27 Sep 2024 09:34:42 -0400

On 9/26/24 6:11 PM, Solar Designer wrote:

* CVE-2024-47176 | cups-browsed <= 2.0.1 binds on UDP INADDR_ANY:631
   trusting any packet from any source to trigger a
   Get-Printer-Attributes IPP request to an attacker controlled URL.


This seems like a plausible and precise description for a vulnerability.

Yet the actual CVE entry is "cups-browsed bugs and other bugs cancombine, leading to info leak and remote code execution"

<https://github.com/CVEProject/cvelistV5/blob/07723f33d3792d747b650a873346400ca5dc2034/cves/2024/47xxx/CVE-2024-47176.json#L15>
and several unrelated CWEs are listed.

Isn't using a single CVE to capture what can happen when multiplevulnerabilities are chained together... frowned upon?

<https://cve.mitre.org/cve/list_rules_and_guidance/counting_rules.html>


--
Will Dormann | Senior Vulnerability Analyst

ANALYGENCE, Inc.
8115 Maple Lawn Blvd., Suite 110, Fulton, MD 20759
t 412.818.3452 | f 301.812.4252
e will.dormann () analygence com | w analygence.com

Current thread:

CUPS printing system vulnerabilities Solar Designer (Sep 26)
- Re: CUPS printing system vulnerabilities Alan Coopersmith (Sep 26)
  - Re: CUPS printing system vulnerabilities Solar Designer (Sep 26)
    - Re: CUPS printing system vulnerabilities Zdenek Dohnal (Sep 26)
    - Re: CUPS printing system vulnerabilities Michael Sweet (Sep 26)
    - Re: CUPS printing system vulnerabilities Mark Esler (Sep 26)
- Re: CUPS printing system vulnerabilities Will Dormann (Sep 27)