CUPS < 1.7.2 is_path_absolute Function XSS

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote print service is affected by a cross-site scripting
vulnerability.

Description :

According to its banner, the version of CUPS installed on the remote
host is prior to version 1.7.2. It is, therefore, affected by a
cross-site scripting vulnerability.

A flaw exists with the is_path_absolute function within the
scheduler/client.cscript. This could allow a context-dependent
attacker, with a specially crafted request, to execute arbitrary
script code within the browser and server trust relationship.

Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.

See also :

http://www.cups.org/blog.php?L717
http://www.cups.org/str.php?L4356
http://www.cups.org/strfiles.php/3268/str4356.patch

Solution :

Upgrade to CUPS version 1.7.2 or later, or apply the vendor patch.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 73734 ()

Bugtraq ID: 66788

CVE ID: CVE-2014-2856