Sun Alert 271169 Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks | Global Security News

Error

JFile::read: Unable to open file: 'http://twitter.com/statuses/user_timeline.xml?screen_name=gsogsecur&count=5'

Sun Alert 271169 Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks

font size: decrease font size increase font size
Rate this article
View Comments

Product: OpenSolarisThe web interface of the Common Unix Printing System (CUPS) in versions1.4.1 and earlier is impacted by multiple security vulnerabilities whichmay lead to Cross-Site Scripting (XSS) and HTTP Response SplittingAttacks. These vulnerabilities could allow an unprivileged localor remote user (depending on the CUPS configuration), to inject maliciousclient-side scripts or HTML into the CUPS web interface page.These issues are also described in the following document:CVE-2009-2820 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820State: ResolvedFirst released: 10-Nov-2009Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-271169-1

Product: OpenSolaris

The web interface of the Common Unix Printing System (CUPS) in versions1.4.1 and earlier is impacted by multiple security vulnerabilities whichmay lead to Cross-Site Scripting (XSS) and HTTP Response SplittingAttacks. These vulnerabilities could allow an unprivileged localor remote user (depending on the CUPS configuration), to inject maliciousclient-side scripts or HTML into the CUPS web interface page.

These issues are also described in the following document:

CVE-2009-2820 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820

State: Resolved

First released: 10-Nov-2009

Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-271169-1

Read Full Article

Written on Monday, 01 March 2010 19:00 by

Viewed 1 times so far.
Like this? Tweet it to your followers!

Published in Subscribe to the RSS feed of Network Security & Hacking News Network Security & Hacking News / Subscribe to the RSS feed of Global Security News Global Security News

Like this? Let your friends know now!

Rate this article

Latest articles from

Event: OWASP AppSec Research 2010 posted on Sunday, 21 March 2010 21:35
OWASP AppSec Research conference is dedicated to bringing together industry, academia, government, and security researchers…
Google releases web application security scanner posted on Sunday, 21 March 2010 21:41
Google released Skipfish, a free fully automated, active web application security reconnaissance tool. It prepares…
Security hole fixed in Firefox 3.6 posted on Sunday, 21 March 2010 21:04
Version 3.6.2, which so far is only available as a beta, fixes a critical security…
Physorg: Feel like someone's watching? You're probably right "Almost every worker has done it: gotten in a little Facebook updating, personal e-mailing, YouTube watching and friend calling while on the clock." posted on Monday, 22 March 2010 00:16
Physorg: Feel like someone's watching? You're probably right Almost every worker has done it: gotten…
BBC News: China denounces Google 'US ties' "China's state media has attacked Google for having what it said were intricate ties with the US government" posted on Monday, 22 March 2010 00:16
BBC News: China denounces Google 'US ties' China's state media has attacked Google for having…

Latest 'tweets' from GovernmentSecurity

GovernmentSecurity.org has started an IdeaScale Community - http://gso.ideascale.com - Join now and let us know what you want to see on GSO Link Friday, 05 March 2010 12:27
News Update: GSO Management - GovernmentSecurity.org Privacy Policy: GSO Manageme.. http://bit.ly/brrB3X | #Security Link Wednesday, 27 January 2010 10:17
Blog Update: Main Site Alternate Colors: As many of you have noticed we recently launch.. http://bit.ly/4xdQhh | #Security Link Tuesday, 19 January 2010 08:51
New Article: Netgear Router Hack Pt. 1 by Kenny: Hello all Kenny from GSO create this d.. http://bit.ly/5xwvtP | #Security Link Tuesday, 01 December 2009 15:09
News Update: Netgear Router Hack Pt. 1 by Kenny: Hello all Kenny from GSO Admin here sh.. http://bit.ly/8fLBD5 | #Security Link Tuesday, 01 December 2009 14:34

Rate this article

Latest articles from

Latest 'tweets' from GovernmentSecurity

Our Sponsors

Member Login

Security Forums

Security Articles

Hacking News

Info Security

Tech Blog

GSO Menu