Your submission was sent successfully! Close

USN-185-1: CUPS vulnerability

20 September 2005

CUPS vulnerability

Releases

Details

A flaw was detected in the printer access control list checking in the
CUPS server. Printer names were compared in a case sensitive manner;
by modifying the capitalization of printer names, a remote attacker
could circumvent ACLs and print to printers he should not have access
to.

The Ubuntu 5.04 version of cupsys is not vulnerable against this.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10
  • cupsys -

In general, a standard system update will make all the necessary changes.

References