CVE-2011-4405
Ubuntu Linux 11.04 and 11.10 - Remote Code Execution via Insecure OpenPrinting Database Connection
Title source: manualDescription
The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle (MITM) attack that modifies packages or repositories.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/77214
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/46909
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/50721
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71394
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1265-1
Scores
EPSS
0.0349
EPSS Percentile
87.8%
Details
CWE
CWE-20
Status
published
Products (2)
canonical/ubuntu_linux
11.04
canonical/ubuntu_linux
11.10
Published
Nov 29, 2011
Tracked Since
Feb 18, 2026