Bug 163275 - cups location case sensitivity - CAN-2004-2154
cups location case sensitivity - CAN-2004-2154
Status: CLOSED DUPLICATE of bug 163274
Product: Fedora Legacy
Classification: Retired
Component: cups (Show other bugs)
fc2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-07-14 14:22 EDT by Jeff Sheltren
Modified: 2007-04-18 13:29 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-07-14 14:24:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jeff Sheltren 2005-07-14 14:22:16 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.9) Gecko/20050711 Firefox/1.0.5

Description of problem:
When processing a request, the CUPS scheduler would use case-sensitive
matching on the queue name to decide which authorization policy should be
used. However, queue names are not case-sensitive. An unauthorized user
could print to a password-protected queue without needing a password. The
Common Vulnerabilities and Exposures project has assigned the name
CAN-2005-2154 to this issue. 

See:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405
and
http://rhn.redhat.com/errata/RHSA-2005-571.html

I am working on updated packages for RH7.3, RH9, FC1 & FC2

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1...
2.
3.
  

Additional info:
Comment 1 Jeff Sheltren 2005-07-14 14:24:16 EDT

*** This bug has been marked as a duplicate of 163274 ***

Note You need to log in before you can comment on or make changes to this bug.