Oval Definition:oval:com.redhat.rhsa:def:20050571
Revision Date:2005-07-14Version:502
Title:RHSA-2005:571: cups security update (Moderate)
Description:The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems.

When processing a request, the CUPS scheduler would use case-sensitive matching on the queue name to decide which authorization policy should be used. However, queue names are not case-sensitive. An unauthorized user could print to a password-protected queue without needing a password. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2154 to this issue.

Please note that the version of CUPS included in Red Hat Enterprise Linux 4 is not vulnerable to this issue.

All users of CUPS should upgrade to these erratum packages which contain a backported patch to correct this issue.
Family:unixClass:patch
Status:Reference(s):CVE-2004-2154
RHSA-2005:571-01
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 3 is installed
  • AND Package Information
  • cups-devel is earlier than 1:1.1.17-13.3.29
  • AND cups-devel is signed with Red Hat master key
  • OR
  • cups-libs is earlier than 1:1.1.17-13.3.29
  • AND cups-libs is signed with Red Hat master key
  • OR
  • cups is earlier than 1:1.1.17-13.3.29
  • AND cups is signed with Red Hat master key
  • BACK