Launchpad.net

CVE 2010-0540

Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings.

Related bugs and status

CVE-2010-0540 (Candidate) is related to these bugs:

Bug #369850: Cannot set up parallel port printer

		In	Importance	Status
369850	Cannot set up parallel port printer	linux (Ubuntu)	High	Invalid
369850	Cannot set up parallel port printer	udev (Ubuntu)	Undecided	Invalid
369850	Cannot set up parallel port printer	cups (Ubuntu)	Undecided	Fix Released
369850	Cannot set up parallel port printer	cups (Ubuntu Lucid)	Undecided	Won't Fix
369850	Cannot set up parallel port printer	linux (Ubuntu Lucid)	Undecided	Invalid
369850	Cannot set up parallel port printer	udev (Ubuntu Lucid)	Undecided	Invalid
369850	Cannot set up parallel port printer	cups (Ubuntu Maverick)	Undecided	Fix Released
369850	Cannot set up parallel port printer	linux (Ubuntu Maverick)	High	Invalid
369850	Cannot set up parallel port printer	udev (Ubuntu Maverick)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2010-06-15-1
BID: 40871
SECUNIA: 40220
VUPEN: ADV-2010-1481
SECTRACK: 1024122
CONFIRM: http://cups.org/articl...
CONFIRM: http://cups.org/str.ph...
MANDRIVA: MDVSA-2010:232
MANDRIVA: MDVSA-2010:233
MANDRIVA: MDVSA-2010:234
DEBIAN: DSA-2176
SECUNIA: 43521
VUPEN: ADV-2011-0535
GENTOO: GLSA-201207-10
OVAL: oval:org.mitre.oval:de...