Ubuntu Security Notice USN-185-1
20th September, 2005
cupsys vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 4.10
Details
A flaw was detected in the printer access control list checking in the
CUPS server. Printer names were compared in a case sensitive manner;
by modifying the capitalization of printer names, a remote attacker
could circumvent ACLs and print to printers he should not have access
to.
The Ubuntu 5.04 version of cupsys is not vulnerable against this.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 4.10:
- cupsys
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None