Mandriva Linux Security Advisory : cups-filters (MDVSA-2015:196)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Updated cups-filters package fixes security vulnerability :

cups-browsed in cups-filters before 1.0.66 contained a bug in the
remove_bad_chars\(\) function, where it failed to reliably filter out
illegal characters if there were two or more subsequent illegal
characters, allowing execution of arbitrary commands with the rights
of the lp user, using forged print service announcements on DNS-SD
servers (CVE-2015-2265).

See also :

http://advisories.mageia.org/MGASA-2015-0132.html

Solution :

Update the affected cups-filters, lib64cups-filters-devel and / or
lib64cups-filters1 packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 82633 ()

Bugtraq ID:

CVE ID: CVE-2015-2265

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now