Ubuntu Update For Cups USN-2172-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Alex Korobkin discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.

Affected

cups on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-April/002469.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-2856

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for cups, cupsys vulnerabilities USN-952-1
Ubuntu Update for backuppc USN-1444-1
Ubuntu Update for awstats vulnerability USN-1047-1
Ubuntu Update for bind9 USN-1163-1
Ubuntu Update for apt USN-2353-1

Ubuntu Update for cups USN-2172-1

Take action and discover your vulnerabilities