Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 12:36:04 -0400 (EDT)
From: cve-assign@...re.org
To: mmcallis@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: cross-site scripting issue fixed in CUPS 1.7.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> CUPS 1.7.2 ... fixes a cross-site scripting issue

> http://www.cups.org/str.php?L4356
> http://www.cups.org/strfiles.php/3268/str4356.patch
> http://www.cups.org/blog.php?L717
> https://bugs.mageia.org/show_bug.cgi?id=13196

> the patch may not be sufficient to cover all different encodings,
> other special characters of interest etc.

> The attached patch updates is_absolute_path() to check for < and quotes

> if (strchr(path, '<') != NULL || strchr(path, '\"') != NULL || strchr(path, '\'') != NULL)

A CVE can be assigned because the patch above does block some XSS
attack vectors. Use CVE-2014-2856 for what is addressed by this patch.
There weren't any immediate followups here or in L4356 demonstrating
how to exploit the patched scheduler/client.c code in a specific test
environment. It is quite possible that other CVE assignments will be
made later.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTTV86AAoJEKllVAevmvmsoW0H/ijg+KOyofQ2y8V2/AY5amFQ
4+bVg9KcPtyeC6oEMjgx0NAl0UUM3CMQf5q9cWTxA1mkWiFxrfmfavKDwoymxcfl
AlMMOibPCBh+moV4jliWY47eiSolTDF4Bv8spOzbFqkcORUnpcNQwwrD6Q+VUOKn
DuxZUjvStHJhXa2nStIIqThT24B5KQIcRAxUBLKPPuunmhylUi8/UxRxjX6NdPlN
2EL62B3j4VjusYBxOTeq6glNZaeBCoVc3KG7Mvkm5JC0AVH9vcHejQpG35HGnDvX
rD5Q3sbdfhrhJhOEsuYiEAV8e3rHBDxwVYagopf/amaWGOl6/AiwiUIq5mxvIyk=
=bcw3
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ