Bug 1291227 (CVE-2015-8560) - CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
Summary: CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illega...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-8560
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1291228 1291229 1301076 1301077
Blocks: 1287524 1291230
TreeView+ depends on / blocked
 
Reported: 2015-12-14 11:17 UTC by Adam Mariš
Modified: 2019-09-29 13:40 UTC (History)
4 users (show)

Fixed In Version: cups-filters 1.4.0
Doc Type: Bug Fix
Doc Text:
It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands.
Clone Of:
Environment:
Last Closed: 2019-06-08 02:46:27 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:0491 0 normal SHIPPED_LIVE Moderate: foomatic security update 2016-03-23 01:02:15 UTC

Description Adam Mariš 2015-12-14 11:17:41 UTC
Following security fix was released in v1.4.0:

- foomatic-rip: SECURITY FIX: Also consider the semicolon (';') as an illegal shell escape character. Thanks to Adam Chester (adam dot chester at pentest dot co dot uk) for the hint.

Upstream patch:

http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419

CVE request:

http://seclists.org/oss-sec/2015/q4/479

Comment 1 Adam Mariš 2015-12-14 11:18:16 UTC
Created foomatic tracking bugs for this issue:

Affects: fedora-all [bug 1291229]

Comment 2 Adam Mariš 2015-12-14 11:18:22 UTC
Created cups-filters tracking bugs for this issue:

Affects: fedora-all [bug 1291228]

Comment 3 Tomas Hoger 2015-12-14 11:43:54 UTC
In terms of affected products and components (with respect to foomatic-filters packaged in cups-fitlers or foomatic packages), this issue is similar to CVE-2015-8327, see bug 1287523 comment 2.

Comment 4 Fedora Update System 2015-12-19 18:25:47 UTC
cups-filters-1.4.0-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 5 Fedora Update System 2015-12-30 17:50:08 UTC
cups-filters-1.4.0-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

Comment 7 errata-xmlrpc 2016-03-22 21:04:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:0491 https://rhn.redhat.com/errata/RHSA-2016-0491.html


Note You need to log in before you can comment on or make changes to this bug.