Package: cups-pdf
Version: 2.4.2-1
Severity: critical
Justification: root security hole
Tags: security
Unprivileged user can execute /usr/lib/cups/backend/cups-pdf to read
parts of any file. End of file is printed by Ghostscript in error report.
Execution of this command as unprivileged user
/usr/lib/cups/backend/cups-pdf shadow user title 1 '' /etc/shadow
will result in Ghostscript error showing last line of /etc/shadow file
(possibly containing password hash)
ERROR: /undefined in saned:!:13511:0:9:7:::
...
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-albemuth
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Versions of packages cups-pdf depends on:
ii cupsys 1.2.7-3 Common UNIX Printing
System(tm) -
ii gs-esp 8.15.3.dfsg.1-1 The Ghostscript PostScript
interpr
ii libc62.3.6.ds1-10GNU C Library: Shared libraries
cups-pdf recommends no packages.
-- no debconf information
--
Grzegorz Zur
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]