Bug 473915 (CVE-2008-5184)
Summary: | CVE-2008-5184 cups: improper use of the 'guest' username in the web UI, when user not logged on to the server | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | twaugh |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-03-29 08:44:13 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 473909 | ||
Bug Blocks: |
Description
Jan Lieskovsky
2008-12-01 13:13:04 UTC
This issue did not affect cups versions as shipped with Red Hat Enterprise Linux 3 and 4. It did not affect 1.2.x version of cups shipped with Red Hat Enterprise Linux. Those versions do not support RSS subscriptions. cups was updated to version 1.3.7 in Red Hat Enterprise Linux 5.3. Packages released in RHEL 5.3 include a patch for this issue and are not affected by this flaw. https://www.redhat.com/security/data/cve/CVE-2008-5184.html |