Mandriva Linux Security Advisory 2015-108 - Cross-site scripting vulnerability in scheduler/client.c in Common Unix Printing System before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd. It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation. A malformed file with an invalid page header and compressed raster data can trigger a buffer overflow in cupsRasterReadPixels.
029c517fb2aafd25bf90e98f07319e0f00c7a6d282bf8e64661bb76a2f70f6a8
Red Hat Security Advisory 2014-1388-02 - CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A cross-site scripting flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system.
f40db663647458b2845b3f1ac29ff57140997773dd6238d70c6eb62820776ebf
Mandriva Linux Security Advisory 2014-092 - lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving.cups/client.conf. Cross-site scripting vulnerability in scheduler/client.c in Common Unix Printing System before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. The updated packages have been patched to correct these issues.
42c1c60c5b38f63153e3d145588b75d3bd5cddd4e0f739227eba41ec8a6c26e7
Mandriva Linux Security Advisory 2014-091 - Cross-site scripting vulnerability in scheduler/client.c in Common Unix Printing System before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function.
30e6eecea2171318dfc6d73daaf29f6095de61cbaccd933c3e50786079a68415
Ubuntu Security Notice 2172-1 - Alex Korobkin discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.
491356bd0784085e834b1ec5a4760e5bcb05c8453ae4e2c654c921d91138d2e1