• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Easy Software Products LPPassWd CUPS Password File Error Message Injection Vulnerability

Easy Software Products lppasswd is prone to a vulnerability that may allow malicious local users to inject arbitrary data into the CUPS password file.

This issue can occur on systems that do not ensure that the stdin, stdout, and stderr file descriptors are always open for setuid programs. If a user closes the stderr file descriptor, it is possible that a user-specified error message may be written to the CUPS password file.

This may permit a local attacker to add an arbitrary user to the CUPS password file.