CVE-2014-4338
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
22/06/2014
Last modified:
12/04/2025
Description
cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.
Impact
Base Score 2.0
4.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:linuxfoundation:cups-filters:*:*:*:*:*:*:*:* | 1.0.52 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://openwall.com/lists/oss-security/2014/04/25/7
- http://openwall.com/lists/oss-security/2014/06/19/12
- http://rhn.redhat.com/errata/RHSA-2014-1795.html
- http://secunia.com/advisories/62044
- http://www.securityfocus.com/bid/68124
- https://bugs.linuxfoundation.org/show_bug.cgi?id=1204
- http://openwall.com/lists/oss-security/2014/04/25/7
- http://openwall.com/lists/oss-security/2014/06/19/12
- http://rhn.redhat.com/errata/RHSA-2014-1795.html
- http://secunia.com/advisories/62044
- http://www.securityfocus.com/bid/68124
- https://bugs.linuxfoundation.org/show_bug.cgi?id=1204