Fluid Attacks Database

Description

cups-browsed in cups-filters before 1.0.53 allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a malformed cups-browsed.conf BrowseAllow directive that is interpreted as granting browse access to all IP addresses.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	cups-filters	>=0 <1.0.53-1	1.0.53-1
debian 11	cups-filters	>=0 <1.0.53-1	1.0.53-1
debian 12	cups-filters	>=0 <1.0.53-1	1.0.53-1
debian 14	cups-filters	>=0 <1.0.53-1	1.0.53-1
rpm rhel7	cups-filters	<0:1.0.35-15.el7_0.1	0:1.0.35-15.el7_0.1

Aliases

1. CVE-2014-43382. NVD-2014-43383. OSV-DEBIAN-2014-43384. OSV-2014-43385. SECURITY-TRACKER-CVE-2014-4338

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.