Description |
+ |
CUPS requires users to demonstrate root/admin level access to perform various printer management related functions. Authentication to CUPS is completed by a web interface or over a dedicated file socket. Traditionally, users authenticate via traditional HTTP “Basic” web authorization. However, CUPS also allows authentication via a 32 byte randomly generated hex string. This method of authorization, called “Local” authorization by CUPS, has a bug that allows an attacker to authenticate to CUPS as root/admin without the 32-byte secret key. Root/admin access to CUPS yields arbitrary code execution as root with further effort. This affects CUPS 2.x |
|