Yes, this is a design flaw in how CUPS handles its URLs. As described,
I think this is only a minor issue, since the printer name must be
known, and no attacker-input is used (it prints the pre-configured test
page, and not text that the attacker can control). However, further
investigation
Please elaborate about this. By default, cupsd only listens on
localhost. Local users can do printing operations much easier.
On top of that, administrative operations are restricted to localhost:
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
Allow
On 4/16/07, Martin Pitt [EMAIL PROTECTED] wrote:
> Please elaborate about this. By default, cupsd only listens on
> localhost. Local users can do printing operations much easier.
cupsd listens on localhost but remote web pages can make the browser
access it, as in the example above. Note that the
Thanks for taking the time to report this bug and helping to make Ubuntu
better. With which version of cupsys and Ubuntu did you notice this?
Thanks in advance.
** Changed in: cupsys (Ubuntu)
Assignee: (unassigned) => Brian Murray
Status: Unconfirmed => Needs Info
--
[feisty] web
On 4/13/07, Brian Murray [EMAIL PROTECTED] wrote:
> With which version of cupsys and Ubuntu did you notice this?
ubuntu feisty (as the subject line says...), cupsys version
1.2.8-0ubuntu8.
Amnon
--
[feisty] web vulnerability
https://bugs.launchpad.net/bugs/106245