CVE-2014-4336CVE-2014-4336

Affected configuration(s):

cpe:/a:linuxfoundation:cups-filters:1.0
cpe:/a:linuxfoundation:cups-filters:1.0.1
cpe:/a:linuxfoundation:cups-filters:1.0.2
cpe:/a:linuxfoundation:cups-filters:1.0.3
cpe:/a:linuxfoundation:cups-filters:1.0.4
cpe:/a:linuxfoundation:cups-filters:1.0.5
cpe:/a:linuxfoundation:cups-filters:1.0.6
cpe:/a:linuxfoundation:cups-filters:1.0.7
cpe:/a:linuxfoundation:cups-filters:1.0.8
cpe:/a:linuxfoundation:cups-filters:1.0.9
cpe:/a:linuxfoundation:cups-filters:1.0.10
cpe:/a:linuxfoundation:cups-filters:1.0.11
cpe:/a:linuxfoundation:cups-filters:1.0.12
cpe:/a:linuxfoundation:cups-filters:1.0.13
cpe:/a:linuxfoundation:cups-filters:1.0.14
cpe:/a:linuxfoundation:cups-filters:1.0.15
cpe:/a:linuxfoundation:cups-filters:1.0.16
cpe:/a:linuxfoundation:cups-filters:1.0.17
cpe:/a:linuxfoundation:cups-filters:1.0.18
cpe:/a:linuxfoundation:cups-filters:1.0.19
cpe:/a:linuxfoundation:cups-filters:1.0.20
cpe:/a:linuxfoundation:cups-filters:1.0.21
cpe:/a:linuxfoundation:cups-filters:1.0.22
cpe:/a:linuxfoundation:cups-filters:1.0.23
cpe:/a:linuxfoundation:cups-filters:1.0.24
cpe:/a:linuxfoundation:cups-filters:1.0.25
cpe:/a:linuxfoundation:cups-filters:1.0.26
cpe:/a:linuxfoundation:cups-filters:1.0.27
cpe:/a:linuxfoundation:cups-filters:1.0.28
cpe:/a:linuxfoundation:cups-filters:1.0.29
cpe:/a:linuxfoundation:cups-filters:1.0.30
cpe:/a:linuxfoundation:cups-filters:1.0.31
cpe:/a:linuxfoundation:cups-filters:1.0.32
cpe:/a:linuxfoundation:cups-filters:1.0.33
cpe:/a:linuxfoundation:cups-filters:1.0.34
cpe:/a:linuxfoundation:cups-filters:1.0.35
cpe:/a:linuxfoundation:cups-filters:1.0.36
cpe:/a:linuxfoundation:cups-filters:1.0.37
cpe:/a:linuxfoundation:cups-filters:1.0.38
cpe:/a:linuxfoundation:cups-filters:1.0.39
cpe:/a:linuxfoundation:cups-filters:1.0.40
cpe:/a:linuxfoundation:cups-filters:1.0.41
cpe:/a:linuxfoundation:cups-filters:1.0.42
cpe:/a:linuxfoundation:cups-filters:1.0.43
cpe:/a:linuxfoundation:cups-filters:1.0.44
cpe:/a:linuxfoundation:cups-filters:1.0.45
cpe:/a:linuxfoundation:cups-filters:1.0.46
cpe:/a:linuxfoundation:cups-filters:1.0.47
cpe:/a:linuxfoundation:cups-filters:1.0.48
cpe:/a:linuxfoundation:cups-filters:1.0.49
cpe:/a:linuxfoundation:cups-filters:1.0.50
cpe:/a:linuxfoundation:cups-filters:1.051
cpe:/a:linuxfoundation:cups-filters:1.052

Date published: 2014-06-22T17:55:03.457-04:00

Date last modified: 2014-06-23T13:42:05.963-04:00

CVSS Score: 5.8

Principal attack vector: ADJACENT_NETWORK

Complexity:  LOW

Reference URL: http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7194

Summary: The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before 1.0.53 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the host name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2707.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.