Detections
Analytics

OracleVM 3.3 : cups (OVMSA-2014-0035)

high Nessus Plugin ID 79550

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

 - Revert change to whitelist /rss/ resources, as this was not used upstream.

 - More STR #4461 fixes from upstream: make rss feeds world-readable, but cachedir private.

 - Fix icon display in web interface during server restart (STR #4475).

 - Fixes for upstream patch for STR #4461: allow /rss/ requests for files we created.

 - Use upstream patch for STR #4461.

 - Applied upstream patch to fix CVE-2014-5029 (bug #1122600), CVE-2014-5030 (bug #1128764), CVE-2014-5031 (bug #1128767).

 - Fix conf/log file reading for authenticated users (STR #4461).

 - Fix CGI handling (STR #4454, bug #1120419).

 - fix patch for CVE-2014-3537 (bug #1117794)

 - CVE-2014-2856: cross-site scripting flaw (bug #1117798)

 - CVE-2014-3537: insufficient checking leads to privilege escalation (bug #1117794)

 - Removed package description changes.

 - Applied patch to fix 'Bad request' errors as a result of adding in httpSetTimeout (STR #4440, also part of svn revision 9967).

 - Fixed timeout issue with cupsd reading when there is no data ready (bug #1110045).

 - Fixed synconclose patch to avoid 'too many arguments for format' warning.

 - Fixed settimeout patch to include math.h for fmod declaration.

 - Fixed typo preventing web interface from changing driver (bug #1104483, STR #3601).

 - Fixed SyncOnClose patch (bug #984883).

 - Use upstream patch to avoid replaying GSS credentials (bug #1040293).

 - Prevent BrowsePoll problems across suspend/resume (bug #769292) :

 - Eliminate indefinite wait for response (svn revision 9688).

 - Backported httpSetTimeout API function from CUPS 1.5 and use it in the ipp backend so that we wait indefinitely until the printer responds, we get a hard error, or the job is cancelled.

 - cups-polld: reconnect on error.

 - Added new SyncOnClose directive to use fsync after altering configuration files: defaults to 'Yes'. Adjust in cupsd.conf (bug #984883).

 - Fix cupsctl man page typo (bug #1011076).

 - Use more portable rpm specfile syntax for conditional php building (bug #988598).

 - Fix SetEnv directive in cupsd.conf (bug #986495).

 - Fix 'collection' attribute sending (bug #978387).

 - Prevent format_log segfault (bug #971079).

 - Prevent stringpool corruption (bug #884851).

 - Don't crash when job queued for printer that times out (bug #855431).

 - Upstream patch for broken multipart handling (bug #852846).

 - Install /etc/cron.daily/cups with correct permissions (bug #1012482).

 - Fixes for jobs with multiple files and multiple formats (bug #972242).

 - Applied patch to fix CVE-2012-5519 (privilege escalation for users in SystemGroup or with equivalent polkit permission). This prevents HTTP PUT requests with paths under /admin/conf/ other than that for cupsd.conf, and also prevents such requests altering certain configuration directives such as PageLog and FileDevice (bug #875898).

Solution

Update the affected cups / cups-libs packages.

See Also

http://www.nessus.org/u?5c27127c

Plugin Details

Severity: High

ID: 79550

File Name: oraclevm_OVMSA-2014-0035.nasl

Version: 1.7

Type: local

Published: 11/26/2014

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:cups, p-cpe:/a:oracle:vm:cups-libs, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 11/4/2014

Vulnerability Publication Date: 11/19/2012

Reference Information

CVE: CVE-2012-5519, CVE-2014-2856, CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031

BID: 56494, 66788, 68788, 68842, 68846, 68847