CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
99.0%
Debian Security Advisory DSA-3283-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
June 09, 2015 https://www.debian.org/security/faq
Package : cups
CVE ID : CVE-2015-1158 CVE-2015-1159
It was discovered that CUPS, the Common UNIX Printing System, is
vulnerable to a remotely triggerable privilege escalation via cross-site
scripting and bad print job submission used to replace cupsd.conf on the
CUPS server.
For the oldstable distribution (wheezy), these problems have been fixed
in version 1.5.3-5+deb7u6.
For the stable distribution (jessie), these problems have been fixed in
version 1.7.5-11+deb8u1.
For the unstable distribution (sid), these problems have been fixed in
version 1.7.5-12.
We recommend that you upgrade your cups packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | armhf | cups | < 1.7.5-11+deb8u1 | cups_1.7.5-11+deb8u1_armhf.deb |
Debian | 8 | ppc64el | libcupscgi1-dev | < 1.7.5-11+deb8u1 | libcupscgi1-dev_1.7.5-11+deb8u1_ppc64el.deb |
Debian | 8 | ppc64el | cups-dbg | < 1.7.5-11+deb8u1 | cups-dbg_1.7.5-11+deb8u1_ppc64el.deb |
Debian | 8 | mips | libcupscgi1-dev | < 1.7.5-11+deb8u1 | libcupscgi1-dev_1.7.5-11+deb8u1_mips.deb |
Debian | 6 | i386 | cups-bsd | < 1.4.4-7+squeeze8 | cups-bsd_1.4.4-7+squeeze8_i386.deb |
Debian | 7 | kfreebsd-amd64 | libcupscgi1-dev | < 1.5.3-5+deb7u6 | libcupscgi1-dev_1.5.3-5+deb7u6_kfreebsd-amd64.deb |
Debian | 8 | arm64 | cups-core-drivers | < 1.7.5-11+deb8u1 | cups-core-drivers_1.7.5-11+deb8u1_arm64.deb |
Debian | 8 | s390x | cups-bsd | < 1.7.5-11+deb8u1 | cups-bsd_1.7.5-11+deb8u1_s390x.deb |
Debian | 8 | amd64 | libcupsimage2-dev | < 1.7.5-11+deb8u1 | libcupsimage2-dev_1.7.5-11+deb8u1_amd64.deb |
Debian | 8 | kfreebsd-i386 | libcupscgi1 | < 1.7.5-11+deb8u1 | libcupscgi1_1.7.5-11+deb8u1_kfreebsd-i386.deb |