Ubuntu 4.10 : cupsys vulnerability (USN-185-1)
High Nessus Plugin ID 20596
SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionA flaw was detected in the printer access control list checking in the CUPS server. Printer names were compared in a case sensitive manner;
by modifying the capitalization of printer names, a remote attacker could circumvent ACLs and print to printers he should not have access to.
The Ubuntu 5.04 version of cupsys is not vulnerable against this.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected packages.