CVE-2015-8560
published 2016-04-14CVE-2015-8560: Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote…
PriorityP349high7.3CVSS 3.0
AVNACLPRNUINSUCLILAL
EPSS
5.25%
91.5th percentile
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
Affected
71 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | cups-filters | < cups-filters 1.4.0-1 (bookworm) | cups-filters 1.4.0-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | foomatic-filters | < cups-filters 1.4.0-1 (bookworm) | cups-filters 1.4.0-1 (bookworm) |
| foomatic-filters | foomatic-filters | >= 0 < 4.0.17-7 | 4.0.17-7 |
| foomatic-filters | foomatic-filters | >= 0 < 4.0.17-7 | 4.0.17-7 |
| foomatic-filters | foomatic-filters | >= 0 < 4.0.17-7 | 4.0.17-7 |
| foomatic-filters | foomatic-filters | >= 0 < 4.0.17-7 | 4.0.17-7 |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
| linuxfoundation | cups-filters | — | — |
CVSS provenance
nvdv3.07.3HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
foomatic-filters vulnerability
vendor_ubuntu·2015-12-16
CVE-2015-8560 foomatic-filters vulnerability
Title: foomatic-filters vulnerability
Summary: foomatic-filters could be made to run programs as the lp user if it
processed a specially crafted print job.
Adam Chester discovered that the foomatic-filters foomatic-rip filter
incorrectly stripped shell escape characters. A remote attacker could
possibly use this issue to execute arbitrary code as the lp user.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
cups-filters vulnerability
vendor_ubuntu·2015-12-16
CVE-2015-8560 cups-filters vulnerability
Title: cups-filters vulnerability
Summary: cups-filters could be made to run programs as the lp user if it processed a
specially crafted print job.
Adam Chester discovered that the cups-filters foomatic-rip filter
incorrectly stripped shell escape characters. A remote attacker could
possibly use this issue to execute arbitrary code as the lp user.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
vendor_redhat·2015-12-12·CVSS 7.5
CVE-2015-8560 [HIGH] CWE-77 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands.
Package: cups (Red Hat Enterprise Linux 5) - Not affected
Package: cups (Red Hat Enterprise Linux 6) - Not affected
Package: cups-filters (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2015-8560: cups-filters - Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0...
vendor_debian·2015·CVSS 7.5
CVE-2015-8560 [HIGH] CVE-2015-8560: cups-filters - Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0...
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
Scope: local
bookworm: resolved (fixed in 1.4.0-1)
bullseye: resolved (fixed in 1.4.0-1)
forky: resolved (fixed in 1.4.0-1)
sid: resolved (fixed in 1.4.0-1)
trixie: resolved (fixed in 1.4.0-1)
GHSA
GHSA-rcfc-82wc-2wjm: Incomplete blacklist vulnerability in util
ghsa_unreviewed·2022-05-14·CVSS 7.5
CVE-2015-8560 [HIGH] GHSA-rcfc-82wc-2wjm: Incomplete blacklist vulnerability in util
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
OSV
CVE-2015-8560: Incomplete blacklist vulnerability in util
osv·2016-04-14·CVSS 7.5
CVE-2015-8560 [HIGH] CVE-2015-8560: Incomplete blacklist vulnerability in util
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; (semicolon) character in a print job, a different vulnerability than CVE-2015-8327.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-8560 foomatic: cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character [fedora-all]
bugzilla·2015-12-14·CVSS 7.3
CVE-2015-8560 [HIGH] CVE-2015-8560 foomatic: cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character [fedora-all]
CVE-2015-8560 foomatic: cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: thi
Bugzilla
CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character [fedora-all]
bugzilla·2015-12-14·CVSS 7.3
CVE-2015-8560 [HIGH] CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character [fedora-all]
CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue af
Bugzilla
CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
bugzilla·2015-12-14·CVSS 7.5
CVE-2015-8560 [HIGH] CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
CVE-2015-8560 cups-filters: foomatic-rip did not consider semicolon as illegal shell escape character
Following security fix was released in v1.4.0:
- foomatic-rip: SECURITY FIX: Also consider the semicolon (';') as an illegal shell escape character. Thanks to Adam Chester (adam dot chester at pentest dot co dot uk) for the hint.
Upstream patch:
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419
CVE request:
http://seclists.org/oss-sec/2015/q4/479
Discussion:
Created foomatic tracking bugs for this issue:
Affects: fedora-all [bug 1291229]
---
Created cups-filters tracking bugs for this issue:
Affects: fedora-all [bug 1291228]
---
In terms of affected products and components (with respect to foomatic-filters packaged in cups-fitlers or foomatic p
http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWShttp://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419http://rhn.redhat.com/errata/RHSA-2016-0491.htmlhttp://www.debian.org/security/2015/dsa-3419http://www.debian.org/security/2015/dsa-3429http://www.openwall.com/lists/oss-security/2015/12/13/2http://www.openwall.com/lists/oss-security/2015/12/14/13http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlhttp://www.ubuntu.com/usn/USN-2838-1http://www.ubuntu.com/usn/USN-2838-2http://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/annotate/head:/NEWShttp://bzr.linuxfoundation.org/loggerhead/openprinting/cups-filters/revision/7419http://rhn.redhat.com/errata/RHSA-2016-0491.htmlhttp://www.debian.org/security/2015/dsa-3419http://www.debian.org/security/2015/dsa-3429http://www.openwall.com/lists/oss-security/2015/12/13/2http://www.openwall.com/lists/oss-security/2015/12/14/13http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlhttp://www.ubuntu.com/usn/USN-2838-1http://www.ubuntu.com/usn/USN-2838-2
2016-04-14
Published