Lucene search
UbuntuUSN-1654-1HistoryDec 05, 2012 - 12:00 a.m.
CUPS vulnerability
2012-12-0500:00:00
ubuntu.com
36
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
47.5%
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
- Ubuntu 8.04
Packages
- cups - Common UNIX Printing System™
- cupsys - Common UNIX Printing System™
Details
It was discovered that users in the lpadmin group could modify certain CUPS
configuration options to escalate privileges. An attacker could use this to
potentially gain root privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | cupsys | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 8.04 | noarch | cupsys-bsd | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 8.04 | noarch | cupsys-client | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libcupsimage2 | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libcupsimage2-dev | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libcupsys2 | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libcupsys2-dev | < 1.3.7-1ubuntu3.16 | UNKNOWN |
| Ubuntu | 12.10 | noarch | cups | < 1.6.1-0ubuntu11.3 | UNKNOWN |
| Ubuntu | 12.10 | noarch | cups-bsd | < 1.6.1-0ubuntu11.3 | UNKNOWN |
| Ubuntu | 12.10 | noarch | cups-client | < 1.6.1-0ubuntu11.3 | UNKNOWN |
References
Related
nessus
nessus
RHEL 5 / 6 : cups (RHSA-2013:0580)
2013-03-01 00:00:00
Amazon Linux AMI : cups (ALAS-2013-170)
2013-09-04 00:00:00
Debian DSA-2600-1 : cups - privilege escalation
2013-01-07 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2600-1)
2013-01-05 00:00:00
CentOS Update for cups CESA-2013:0580 centos5
2013-03-05 00:00:00
CentOS Update for cups CESA-2013:0580 centos5
2013-03-05 00:00:00
ubuntucve
ubuntucve
CVE-2012-5519
2012-11-19 00:00:00
redhat
redhat
(RHSA-2013:0580) Moderate: cups security update
2013-02-28 00:00:00
nvd
nvd
CVE-2012-5519
2012-11-20 00:55:01
metasploit
metasploit
CUPS 1.6.1 Root File Read
2013-08-25 19:30:11
amazon
amazon
Medium: cups
2013-03-14 22:04:00
centos
centos
cups security update
2013-03-01 10:00:14
securityvulns
securityvulns
[USN-1654-1] CUPS vulnerability
2012-12-07 00:00:00
CUPS privilege escalation
2012-12-07 00:00:00
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
gentoo
gentoo
CUPS: Arbitrary file read/write
2014-04-07 00:00:00
oraclelinux
oraclelinux
cups security update
2013-02-28 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: cups-1.5.4-20.fc18
2013-01-12 01:01:29
[SECURITY] Fedora 17 Update: cups-1.5.4-18.fc17
2013-02-26 02:42:00
debiancve
debiancve
CVE-2012-5519
2012-11-20 00:55:01
cvelist
cvelist
CVE-2012-5519
2012-11-20 00:00:00
prion
prion
Design/Logic Flaw
2012-11-20 00:55:00
debian
debian
[SECURITY] [DSA 2600-1] cups security update
2013-01-06 17:33:19
veracode
veracode
Arbitrary File Write
2019-01-15 08:58:43
osv
osv
cups - privilege escalation
2013-01-06 00:00:00
cups-2.1.3-2.3 on GA media
2024-06-15 00:00:00
cve
cve
CVE-2012-5519
2012-11-20 00:55:01
suse
suse
Security update for cups (critical)
2015-06-12 21:05:05
Security update for cups (critical)
2015-06-11 17:05:04
Security update for cups154 (critical)
2015-06-11 20:06:22
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
47.5%
Related for USN-1654-1