Lucene search
UbuntuUSN-2629-1HistoryJun 10, 2015 - 12:00 a.m.
CUPS vulnerabilities
2015-06-1000:00:00
ubuntu.com
43
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
5.8
Confidence
High
EPSS
0.918
Percentile
99.0%
Releases
- Ubuntu 15.04
- Ubuntu 14.10
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- cups - Common UNIX Printing System™
Details
It was discovered that CUPS incorrectly handled reference counting when
handling localized strings. A remote attacker could use this issue to
escalate permissions, upload a replacement CUPS configuration file, and
execute arbitrary code. (CVE-2015-1158)
It was discovered that the CUPS templating engine contained a cross-site
scripting issue. A remote attacker could use this issue to bypass default
configuration settings. (CVE-2015-1159)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.04 | noarch | cups | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-bsd | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-bsd-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-client | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-client-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-common | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-core-drivers | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-core-drivers-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-daemon | < 2.0.2-1ubuntu3.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | cups-daemon-dbgsym | < 2.0.2-1ubuntu3.1 | UNKNOWN |
Related
googleprojectzero
googleprojectzero
Owning Internet Printing - A Case Study in Modern Software Exploitation
2015-06-19 00:00:00
debian
debian
[SECURITY] [DSA 3283-1] cups security update
2015-06-09 20:24:48
[SECURITY] [DSA 3283-1] cups security update
2015-06-09 20:24:48
[SECURITY] [DLA 239-1] cups security update
2015-06-09 10:27:06
fedora
fedora
[SECURITY] Fedora 22 Update: cups-2.0.3-1.fc22
2015-06-21 00:21:04
[SECURITY] Fedora 21 Update: cups-1.7.5-17.fc21
2015-06-21 00:36:00
nessus
nessus
GLSA-201510-07 : CUPS: Multiple vulnerabilities
2015-11-02 00:00:00
FreeBSD : cups -- multiple vulnerabilities (a40ec970-0efa-11e5-90e4-d050996490d0)
2015-06-10 00:00:00
Ubuntu 14.04 LTS : CUPS vulnerabilities (USN-2629-1)
2015-06-11 00:00:00
f5
f5
SOL16794 - CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
2015-06-23 00:00:00
K16794 : CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
2015-06-23 00:00:00
osv
osv
cups - security update
2015-06-09 00:00:00
cups - security update
2015-06-09 00:00:00
cups-2.1.3-2.3 on GA media
2024-06-15 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3283-1)
2015-06-08 00:00:00
Ubuntu: Security Advisory (USN-2629-1)
2015-06-11 00:00:00
Debian: Security Advisory (DLA-239-1)
2023-03-08 00:00:00
securityvulns
securityvulns
[USN-2629-1] CUPS vulnerabilities
2015-06-14 00:00:00
CUPS security vulnerabilities
2015-06-14 00:00:00
freebsd
freebsd
cups -- multiple vulnerabilities
2015-06-09 00:00:00
exploitdb
exploitdb
CUPS < 2.0.3 - Multiple Vulnerabilities
2015-06-22 00:00:00
CUPS < 2.0.3 - Remote Command Execution
2017-02-03 00:00:00
archlinux
archlinux
cups: multiple issues
2015-06-10 00:00:00
packetstorm
packetstorm
CUPS XSS / String Handling / Improper Teardown
2015-06-22 00:00:00
CUPS Remote Code Execution
2017-02-03 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2015-10-31 00:00:00
mageia
mageia
Updated cups package fixes security vulnerabilities
2015-06-19 16:33:05
exploitpack
exploitpack
CUPS 2.0.3 - Multiple Vulnerabilities
2015-06-22 00:00:00
CUPS 2.0.3 - Remote Command Execution
2017-02-03 00:00:00
cert
cert
zdt
zdt
CUPS 2.0.3 - Multiple Vulnerabilities
2015-06-23 00:00:00
CUPS 2.0.3 - Remote Command Execution Exploit
2017-02-03 00:00:00
oraclelinux
oraclelinux
cups security update
2015-06-17 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:17:51
Denial Of Service (DoS)
2019-05-02 05:17:51
suse
suse
Security update for cups (critical)
2015-06-12 21:05:05
Security update for cups (critical)
2015-06-11 17:05:04
Security update for cups154 (critical)
2015-06-11 20:06:22
centos
centos
cups security update
2015-06-18 11:29:43
ibm
ibm
redhat
redhat
(RHSA-2015:1123) Important: cups security update
2015-06-17 00:00:00
amazon
amazon
Medium: cups
2015-07-07 12:34:00
cvelist
cvelist
CVE-2015-1159
2015-06-26 10:00:00
CVE-2015-1158
2015-06-26 10:00:00
cve
cve
CVE-2015-1159
2015-06-26 10:59:02
CVE-2015-1158
2015-06-26 10:59:00
debiancve
debiancve
CVE-2015-1159
2015-06-26 10:59:02
CVE-2015-1158
2015-06-26 10:59:00
ubuntucve
ubuntucve
CVE-2015-1159
2015-06-09 00:00:00
CVE-2015-1158
2015-06-09 00:00:00
prion
prion
Cross site scripting
2015-06-26 10:59:00
Design/Logic Flaw
2015-06-26 10:59:00
nvd
nvd
CVE-2015-1159
2015-06-26 10:59:02
CVE-2015-1158
2015-06-26 10:59:00
slackware
slackware
[slackware-security] cups
2015-07-08 00:00:21
checkpoint_advisories
checkpoint_advisories
Apple CUPS cupsd Privilege Escalation (CVE-2015-1158)
2015-07-05 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
5.8
Confidence
High
EPSS
0.918
Percentile
99.0%
Related for USN-2629-1