Wind River Support Network

HomeDefectsLIN6-6784

Fixed

LIN6-6784 : Security Advisory - cups - CVE-2013-6891

Created: Feb 16, 2014 Updated: Dec 3, 2018

Resolved Date: Mar 4, 2014

Previous ID: LIN4-31093

Found In Version: 6.0.0.4

Fix Version: 6.0.0.4

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6891

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38