CVE-2013-6891 Information
Feb 14, 2021
cve
Description
lppasswd in CUPS before 1.7.1 when running with setuid privileges allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
Reference
http://advisories.mageia.org/MGASA-2014-0021.html http://secunia.com/advisories/56531 http://www.cups.org/blog.php?L704 http://www.cups.org/str.php?L4319 http://www.mandriva.com/security/advisories?name=MDVSA-2014:015 http://www.ubuntu.com/usn/USN-2082-1
Share on: