{ "threat_severity" : "Moderate", "public_date" : "2014-07-14T00:00:00Z", "bugzilla" : { "description" : "cups: insufficient checking leads to privilege escalation", "id" : "1115576", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1115576" }, "cvss" : { "cvss_base_score" : "5.0", "cvss_scoring_vector" : "AV:L/AC:M/Au:S/C:C/I:P/A:N", "status" : "verified" }, "cwe" : "CWE-59", "details" : [ "The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.", "It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system." ], "statement" : "This issue is not planned to be fixed in Red Hat Enterprise Linux 5 as it is now in Production 3 Phase of the support and maintenance life cycle, https://access.redhat.com/support/policy/updates/errata/", "acknowledgement" : "This issue was discovered by Francisco Alonso (Red Hat Security Response Team).", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2014-10-13T00:00:00Z", "advisory" : "RHSA-2014:1388", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "cups-1:1.4.2-67.el6" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2015-03-05T00:00:00Z", "advisory" : "RHBA-2015:0386", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "cups-1:1.6.3-17.el7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "cups", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-3537\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-3537" ], "name" : "CVE-2014-3537", "csaw" : false }