From martin.pitt@canonical.com Tue Sep 20 04:05:28 2005 From: Martin Pitt To: ubuntu-security-announce@lists.ubuntu.com Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com Date: Tue, 20 Sep 2005 10:03:19 +0200 Subject: [Full-disclosure] [USN-185-1] CUPS vulnerability =========================================================== Ubuntu Security Notice USN-185-1 September 20, 2005 cupsys vulnerability CAN-2004-2154 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: cupsys The problem can be corrected by upgrading the affected package to version 1.1.20final+cvs20040330-4ubuntu16.5. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A flaw was detected in the printer access control list checking in the CUPS server. Printer names were compared in a case sensitive manner; by modifying the capitalization of printer names, a remote attacker could circumvent ACLs and print to printers he should not have access to. The Ubuntu 5.04 version of cupsys is not vulnerable against this. Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.1.20final+cvs20040330-4ubuntu16.5.diff.gz Size/MD5: 1353545 138b931a4e026cacf0870ca3eba49506 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.1.20final+cvs20040330-4ubuntu16.5.dsc Size/MD5: 867 0475f922a395811f2d1b4a39fd02c240 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.1.20final+cvs20040330.orig.tar.gz Size/MD5: 5645146 5eb5983a71b26e4af841c26703fc2f79 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 59052 6d80f59e40a3cdccf88a64e6eb8e8818 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 107326 6ad4b6a8b600d874b5de169588db23f7 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 3614844 22bb4ae245e3983b54ffac479f9d11bd http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 62684 4a99fce77c094c644bb65701f544769b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 53318 533e04c42b9cbb152d85760e09444b68 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 101814 ff09bf2b58473a1632115f4e2cf465bc http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.1.20final+cvs20040330-4ubuntu16.5_amd64.deb Size/MD5: 74864 c919425bc8e6262d6f82cb1576b651bf i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 58384 44200b1d889546564eb7b5e082dbf43b http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 105106 682977ac2a18684f47021a0ca22ed4a1 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 3603588 23983f6264ec0a023d238c08cccbecb5 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 62242 727919da03f41881e1f83e4b82f9cc8c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 52900 259c429f529ebf82c822becdba40d22d http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 98450 2748c1390c494e4794ff496258a7f64c http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.1.20final+cvs20040330-4ubuntu16.5_i386.deb Size/MD5: 72136 ea28e5097435eb43329420d3759af775 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 62964 4bba89312187f8a912b9bb8b8ffdb47a http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 114960 f47efaa57093742589f0321fb3e81b76 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 3633910 892c743ca13998b6e99b4703540349bd http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 61880 0a074b2e55c2da22209dd4794c8d17ea http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 55542 24d91159956370299a682efa35d06c60 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 101194 cad8689725abb30ef8ec4a1e26ad1c80 http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.1.20final+cvs20040330-4ubuntu16.5_powerpc.deb Size/MD5: 74976 9d36e438b667c49ebf99153a77464d37 [ Part 1.2, "Digital signature" Application/PGP-SIGNATURE ] [ 196bytes. ] [ Unable to print this part. ] [ Part 2: "Attached Text" ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/