Mandriva Linux Security Advisory : cups (MDVSA-2015:108)
Severity: Medium
Nessus Plugin ID 82361
Synopsis
The remote Mandriva Linux host is missing one or more security updates.
Description
Updated cups packages fix security vulnerabilities:
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function (CVE-2014-2856).
In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd (CVE-2014-3537).
It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation (CVE-2014-5029, CVE-2014-5030, CVE-2014-5031).
A malformed file with an invalid page header and compressed raster data can trigger a buffer overflow in cupsRasterReadPixels (CVE-2014-9679).
Solution
Update the affected packages.