CUPS Remote Printer Addition Vulnerability

CUPS is prone to a vulnerability which may allow attackers to add printers.

It has been reported that an attacker may send a specially crafted UDP packet to the CUPS server which will cause a printer to be temporarily added and configured to listen on a high port. It is then reportedly possible for an attacker to request and receive the local root certificate. This certificate may be used to authenticate to the web administrative interface, where it is possible to create a printer with root privileges.

Successful exploitation may provide an attacker with a means to exploit other known issues in CUPS.

It should be noted that CUPS is not enabled by default in Red Hat Linux and Apple Mac OS X.


Copyright 2010, SecurityFocus