Nixpkgs security tracker

Dismissed

Permalink CVE-2004-2154

9.8 CRITICAL

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): None (N)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 4 months, 1 week ago by @LeSuisse Activity log

Created suggestion 4 months, 1 week ago
@LeSuisse ignored
68 packages
- apcupsd
- cups-bjnp
- cups-dymo
- carps-cups
- cups-zj-58
- cups-browsed
- cups-filters
- cups-kyocera
- cups-printers
- gutenprintBin
- cups-kyodialog
- cups-pk-helper
- gutenprint-bin
- libcupsfilters
- canon-cups-ufr2
- cups-idprt-tspl
- cups-pdf-to-pdf
- cups-idprt-mt888
- cups-idprt-mt890
- cups-idprt-sp900
- cups-idprt-barcode
- brgenml1cupswrapper
- mfc465cncupswrapper
- cups-brother-dcpt310
- cups-toshiba-estudio
- dcp375cw-cupswrapper
- mfc5890cncupswrapper
- mfcj880dwcupswrapper
- perlPackages.NetCUPS
- mfc9140cdncupswrapper
- mfcj470dw-cupswrapper
- mfcl2700dncupswrapper
- mfcl2720dwcupswrapper
- mfcl2740dwcupswrapper
- perl5Packages.NetCUPS
- magicard-cups-driver
- cups-brother-dcpt725dw
- cups-brother-hl3170cdw
- cups-brother-hll2350dw
- cups-brother-hll2375dw
- cups-kyocera-3500-4500
- dcp9020cdw-cupswrapper
- mfcj6510dw-cupswrapper
- mfcl3770cdwcupswrapper
- mfcl8690cdwcupswrapper
- cups-brother-mfcl2710dw
- cups-brother-mfcl2750dw
- cups-brother-mfcl2800dw
- perl538Packages.NetCUPS
- perl540Packages.NetCUPS
- cups-brother-dcp1610wlpr
- cups-brother-dcpl3550cdw
- python312Packages.pycups
- python313Packages.pycups
- python314Packages.pycups
- mfcj470dwlpr.x86_64-linux
- prometheus-apcupsd-exporter
- cups-kyocera-ecosys-m552x-p502x
- cups-brother-hl1110.x86_64-linux
- cups-brother-hl1210w.x86_64-linux
- cups-brother-hl2260d.x86_64-linux
- cups-brother-hl3140cw.x86_64-linux
- cups-brother-hll2340dw.x86_64-linux
- home-assistant-component-tests.cups
- cups-brother-hll3230cdw.x86_64-linux
- home-assistant-component-tests.apcupsd
- cups-kyocera-ecosys-m2x35-40-p2x35-40dnw
- tests.home-assistant-component-tests.apcupsd
4 months, 1 week ago
@LeSuisse dismissed 4 months, 1 week ago

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as …

CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.

References

SUSE-SR:2005:018 vendor-advisoryx_refsource_SUSEx_transferred
http://www.cups.org/str.php?L700 x_refsource_CONFIRMx_transferred
RHSA-2005:571 vendor-advisoryx_refsource_REDHATx_transferred
FLSA:163274 vendor-advisoryx_refsource_FEDORAx_transferred
USN-185-1 vendor-advisoryx_refsource_UBUNTUx_transferred
oval:org.mitre.oval:def:9940 vdb-entryx_refsource_OVALsignaturex_transferred
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405 x_refsource_CONFIRMx_transferred

Affected products

n/a

==n/a

cups

<1.1.21

ubuntu_linux

==4.10

Matching in nixpkgs

pkgs.cups

Standards-based printing system for UNIX

nixos-unstable 2.4.16
- nixpkgs-unstable 2.4.16
- nixos-unstable-small 2.4.16

Ignored packages (68)

pkgs.apcupsd

Daemon for controlling APC UPSes

nixos-unstable 3.14.14
- nixpkgs-unstable 3.14.14
- nixos-unstable-small 3.14.14

pkgs.cups-bjnp

CUPS back-end for Canon printers

nixos-unstable 2.0.3
- nixpkgs-unstable 2.0.3
- nixos-unstable-small 2.0.3

pkgs.cups-dymo

CUPS Linux drivers and SDK for DYMO printers

nixos-unstable 1.4.0.5
- nixpkgs-unstable 1.4.0.5
- nixos-unstable-small 1.4.0.5

pkgs.carps-cups

CUPS Linux drivers for Canon printers

nixos-unstable 2018-03-05
- nixpkgs-unstable 2018-03-05
- nixos-unstable-small 2018-03-05

pkgs.cups-zj-58

CUPS filter for thermal printer Zjiang ZJ-58

nixos-unstable 58-0-unstable-2019-04-28
- nixpkgs-unstable 58-0-unstable-2019-04-28
- nixos-unstable-small 58-0-unstable-2019-04-28

pkgs.cups-browsed

Daemon for browsing the Bonjour broadcasts of shared, remote CUPS printers

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1

pkgs.cups-filters

Backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc

nixos-unstable 2.0.1
- nixpkgs-unstable 2.0.1
- nixos-unstable-small 2.0.1

pkgs.cups-kyocera

CUPS drivers for several Kyocera FS-{1020,1025,1040,1060,1120,1125} printers

nixos-unstable 1.1203
- nixpkgs-unstable 1.1203
- nixos-unstable-small 1.1203

pkgs.cups-printers

Tool for interacting with a CUPS server

nixos-unstable 1.0.0
- nixpkgs-unstable 1.0.0
- nixos-unstable-small 1.0.0

pkgs.gutenprintBin

Some additional CUPS drivers including Canon drivers

nixos-unstable 5.0.1
- nixpkgs-unstable 5.0.1
- nixos-unstable-small 5.0.1

pkgs.cups-kyodialog

CUPS drivers for several Kyocera printers

nixos-unstable 9.4-20240521
- nixpkgs-unstable 9.4-20240521
- nixos-unstable-small 9.4-20240521

pkgs.cups-pk-helper

PolicyKit helper to configure cups with fine-grained privileges

nixos-unstable 0.2.6
- nixpkgs-unstable 0.2.6
- nixos-unstable-small 0.2.6

pkgs.gutenprint-bin

Some additional CUPS drivers including Canon drivers

nixos-unstable 5.0.1
- nixpkgs-unstable 5.0.1
- nixos-unstable-small 5.0.1

pkgs.libcupsfilters

Backends, filters, and other software that was once part of the core CUPS distribution but is no longer maintained by Apple Inc

nixos-unstable 2.1.1
- nixpkgs-unstable 2.1.1
- nixos-unstable-small 2.1.1

pkgs.canon-cups-ufr2

CUPS Linux drivers for Canon printers

nixos-unstable ufr2-6.00
- nixpkgs-unstable ufr2-6.00
- nixos-unstable-small ufr2-6.00

pkgs.cups-idprt-tspl

CUPS drivers for TSPL-based iDPRT thermal label printers (SP210, SP310, SP320, SP320E, SP410, SP410BT, SP420, SP450, SP460BT)

nixos-unstable 1.4.7
- nixpkgs-unstable 1.4.7
- nixos-unstable-small 1.4.7

pkgs.cups-pdf-to-pdf

CUPS backend that turns print jobs into searchable PDF files

nixos-unstable 0-unstable-2021-12-22
- nixpkgs-unstable 0-unstable-2021-12-22
- nixos-unstable-small 0-unstable-2021-12-22

pkgs.cups-idprt-mt888

CUPS driver for the iDPRT MT888

nixos-unstable mt888-1.2.0
- nixpkgs-unstable mt888-1.2.0
- nixos-unstable-small mt888-1.2.0

pkgs.cups-idprt-mt890

CUPS driver for the iDPRT MT890

nixos-unstable mt890-1.2.0
- nixpkgs-unstable mt890-1.2.0
- nixos-unstable-small mt890-1.2.0

pkgs.cups-idprt-sp900

CUPS driver for the iDPRT SP900

nixos-unstable sp900-1.4.0
- nixpkgs-unstable sp900-1.4.0
- nixos-unstable-small sp900-1.4.0

pkgs.cups-idprt-barcode

CUPS drivers for iDPRT barcode printers (iD2P, iD2X, iD4P, iD4S, iE2P, iE2X, iE4P, iE4S, iT4B, iT4E, iT4P, iT4S, iT4X, iX4E, iX4L, iX4P, iX4E, iX6P)

nixos-unstable 1.2.1
- nixpkgs-unstable 1.2.1
- nixos-unstable-small 1.2.1

pkgs.brgenml1cupswrapper

Brother BrGenML1 CUPS wrapper driver

nixos-unstable 3.1.0-1
- nixpkgs-unstable 3.1.0-1
- nixos-unstable-small 3.1.0-1

pkgs.mfc465cncupswrapper

Brother MFC-465CN CUPS wrapper driver

nixos-unstable 1.0.1-1
- nixpkgs-unstable 1.0.1-1
- nixos-unstable-small 1.0.1-1

pkgs.cups-brother-dcpt310

Brother DCP-T310 printer driver

nixos-unstable dcpt310-1.0.1
- nixpkgs-unstable dcpt310-1.0.1
- nixos-unstable-small dcpt310-1.0.1

pkgs.cups-toshiba-estudio

Printer only driver for the Toshiba e-STUDIO class of printers

nixos-unstable 7.89
- nixpkgs-unstable 7.89
- nixos-unstable-small 7.89

pkgs.dcp375cw-cupswrapper

Brother dcp375cw printer CUPS wrapper driver

nixos-unstable 1.1.3
- nixpkgs-unstable 1.1.3
- nixos-unstable-small 1.1.3

pkgs.magicard-cups-driver

CUPS driver for Magicard Printers

nixos-unstable 1.4.0
- nixpkgs-unstable 1.4.0
- nixos-unstable-small 1.4.0

pkgs.mfc5890cncupswrapper

Brother MFC-5890CN CUPS wrapper driver

nixos-unstable 1.1.2-2
- nixpkgs-unstable 1.1.2-2
- nixos-unstable-small 1.1.2-2

pkgs.mfcj880dwcupswrapper

Brother MFC-J880DW CUPS wrapper driver

nixos-unstable 1.0.0-0
- nixpkgs-unstable 1.0.0-0
- nixos-unstable-small 1.0.0-0

pkgs.perlPackages.NetCUPS

Common Unix Printing System Interface

nixos-unstable 0.64
- nixpkgs-unstable 0.64
- nixos-unstable-small 0.64

pkgs.mfc9140cdncupswrapper

Brother MFC-9140CDN CUPS wrapper driver

nixos-unstable 1.1.4-0
- nixpkgs-unstable 1.1.4-0
- nixos-unstable-small 1.1.4-0

pkgs.mfcj470dw-cupswrapper

Brother MFC-J470DW CUPS wrapper driver

nixos-unstable 3.0.0-1
- nixpkgs-unstable 3.0.0-1
- nixos-unstable-small 3.0.0-1

pkgs.mfcl2700dncupswrapper

Brother MFC-L2700DN CUPS wrapper driver

nixos-unstable 3.2.0-1
- nixpkgs-unstable 3.2.0-1
- nixos-unstable-small 3.2.0-1

pkgs.mfcl2720dwcupswrapper

Brother MFC-L2720DW CUPS wrapper driver

nixos-unstable 3.2.0-1
- nixpkgs-unstable 3.2.0-1
- nixos-unstable-small 3.2.0-1

pkgs.mfcl2740dwcupswrapper

Brother MFC-L2740DW CUPS wrapper driver

nixos-unstable 3.2.0-1
- nixpkgs-unstable 3.2.0-1
- nixos-unstable-small 3.2.0-1

pkgs.perl5Packages.NetCUPS

Common Unix Printing System Interface

nixos-unstable 0.64
- nixpkgs-unstable 0.64
- nixos-unstable-small 0.64

pkgs.cups-brother-dcpt725dw

Brother DCP-T725DW printer driver

nixos-unstable dcpt725dw-3.5.0-1
- nixpkgs-unstable dcpt725dw-3.5.0-1
- nixos-unstable-small dcpt725dw-3.5.0-1

pkgs.cups-brother-hl3170cdw

Brother hl3170cdw printer driver

nixos-unstable hl3170cdw-1.1.4-0
- nixpkgs-unstable hl3170cdw-1.1.4-0
- nixos-unstable-small hl3170cdw-1.1.4-0

pkgs.cups-brother-hll2350dw

Brother HL-L2350DW printer driver

nixos-unstable hll2350dw-4.0.0-1
- nixpkgs-unstable hll2350dw-4.0.0-1
- nixos-unstable-small hll2350dw-4.0.0-1

pkgs.cups-brother-hll2375dw

Brother HLL2375DW printer driver

nixos-unstable hll2375dw-4.0.0-1
- nixpkgs-unstable hll2375dw-4.0.0-1
- nixos-unstable-small hll2375dw-4.0.0-1

pkgs.cups-kyocera-3500-4500

CUPS drivers for Kyocera ECOSYS MA3500cix, MA3500cifx, MA4000cix, MA4000cifx, PA3500cx, PA4000cx and PA4500cx, for Kyocera CS MA4500ci and PA4500ci, and for Kyocera TASKalfa MA3500ci, MA4500ci and PI4500ci printers

nixos-unstable 3500-4500-9.0-20221003
- nixpkgs-unstable 3500-4500-9.0-20221003
- nixos-unstable-small 3500-4500-9.0-20221003

pkgs.dcp9020cdw-cupswrapper

Brother dcp9020cdw printer CUPS wrapper driver

nixos-unstable 1.1.2
- nixpkgs-unstable 1.1.2
- nixos-unstable-small 1.1.2

pkgs.mfcj6510dw-cupswrapper

Brother MFC-J6510DW CUPS wrapper driver

nixos-unstable 3.0.0-1
- nixpkgs-unstable 3.0.0-1
- nixos-unstable-small 3.0.0-1

pkgs.mfcl3770cdwcupswrapper

Brother MFCL3770CDW CUPS wrapper driver

nixos-unstable 1.0.2-0
- nixpkgs-unstable 1.0.2-0
- nixos-unstable-small 1.0.2-0

pkgs.mfcl8690cdwcupswrapper

Brother MFC-L8690CDW CUPS wrapper driver

nixos-unstable 1.4.0-0
- nixpkgs-unstable 1.4.0-0
- nixos-unstable-small 1.4.0-0

pkgs.cups-brother-mfcl2710dw

Brother MFC-L2710DW printer driver

nixos-unstable -
- nixpkgs-unstable mfcl2710dw-4.0.0-1
- nixos-unstable-small mfcl2710dw-4.0.0-1

pkgs.cups-brother-mfcl2750dw

Brother MFC-L2750DW printer driver

nixos-unstable mfcl2750dw-4.0.0-1
- nixpkgs-unstable mfcl2750dw-4.0.0-1
- nixos-unstable-small mfcl2750dw-4.0.0-1

pkgs.cups-brother-mfcl2800dw

Brother MFC-L2750DW printer driver

nixos-unstable mfcl2800dw-4.1.0-1
- nixpkgs-unstable mfcl2800dw-4.1.0-1
- nixos-unstable-small mfcl2800dw-4.1.0-1

pkgs.perl538Packages.NetCUPS

None

pkgs.perl540Packages.NetCUPS

None

pkgs.cups-brother-dcp1610wlpr

Brother DCP-1610W printer driver

nixos-unstable dcp1610wlpr-3.0.1-1
- nixpkgs-unstable dcp1610wlpr-3.0.1-1
- nixos-unstable-small dcp1610wlpr-3.0.1-1

pkgs.cups-brother-dcpl3550cdw

Brother DCP-L3550CDW printer driver

nixos-unstable dcpl3550cdw-1.0.2-0
- nixpkgs-unstable dcpl3550cdw-1.0.2-0
- nixos-unstable-small dcpl3550cdw-1.0.2-0

pkgs.python312Packages.pycups

None

pkgs.python313Packages.pycups

Python bindings for libcups

nixos-unstable 2.0.4
- nixpkgs-unstable 2.0.4
- nixos-unstable-small 2.0.4

pkgs.python314Packages.pycups

Python bindings for libcups

nixos-unstable 2.0.4
- nixpkgs-unstable 2.0.4
- nixos-unstable-small 2.0.4

pkgs.mfcj470dwlpr.x86_64-linux

Brother MFC-J470DW LPR driver

nixos-unstable 3.0.0-1
- nixpkgs-unstable 3.0.0-1
- nixos-unstable-small 3.0.0-1

pkgs.prometheus-apcupsd-exporter

Provides a Prometheus exporter for the apcupsd Network Information Server (NIS)

nixos-unstable 0.3.0
- nixpkgs-unstable 0.3.0
- nixos-unstable-small 0.3.0

pkgs.cups-kyocera-ecosys-m552x-p502x

PPD files for Kyocera ECOSYS M5521cdn/M5521cdw/M5526cdn/M5526cdw/P5021cdn/P5021cdw/P5026cdn/P5026cdw

nixos-unstable m552x-p502x-8.1602
- nixpkgs-unstable m552x-p502x-8.1602
- nixos-unstable-small m552x-p502x-8.1602

pkgs.cups-brother-hl1110.x86_64-linux

Brother HL1110 printer driver

nixos-unstable hl1110-3.0.1-1
- nixpkgs-unstable hl1110-3.0.1-1
- nixos-unstable-small hl1110-3.0.1-1

pkgs.cups-brother-hl1210w.x86_64-linux

Brother HL1210W printer driver

nixos-unstable hl1210W-3.0.1-1
- nixpkgs-unstable hl1210W-3.0.1-1
- nixos-unstable-small hl1210W-3.0.1-1

pkgs.cups-brother-hl2260d.x86_64-linux

Brother HL-2260D printer driver

nixos-unstable hl2260d-3.2.0-1
- nixpkgs-unstable hl2260d-3.2.0-1
- nixos-unstable-small hl2260d-3.2.0-1

pkgs.cups-brother-hl3140cw.x86_64-linux

Brother hl3140cw printer driver

nixos-unstable hl3140cw-1.1.4-0
- nixpkgs-unstable hl3140cw-1.1.4-0
- nixos-unstable-small hl3140cw-1.1.4-0

pkgs.cups-brother-hll2340dw.x86_64-linux

Brother hl-l2340dw printer driver

nixos-unstable hll2340dw-3.2.0-1
- nixpkgs-unstable hll2340dw-3.2.0-1
- nixos-unstable-small hll2340dw-3.2.0-1

pkgs.home-assistant-component-tests.cups

None

pkgs.cups-brother-hll3230cdw.x86_64-linux

Brother HL-L3230CDW printer driver

nixos-unstable hll3230cdw-1.0.2
- nixpkgs-unstable hll3230cdw-1.0.2
- nixos-unstable-small hll3230cdw-1.0.2

pkgs.home-assistant-component-tests.apcupsd

None

pkgs.cups-kyocera-ecosys-m2x35-40-p2x35-40dnw

PPD files for Kyocera ECOSYS M2040dn/M2135dn/M2540dn/M2540dw/M2635dn/M2635dw/M2640idw/M2735dw/P2040dn/M2040dw/P2235dn/P2235dw

nixos-unstable m2x35-40-p2x35-40dnw-8.1606
- nixpkgs-unstable m2x35-40-p2x35-40dnw-8.1606
- nixos-unstable-small m2x35-40-p2x35-40dnw-8.1606

pkgs.tests.home-assistant-component-tests.apcupsd

Open source home automation that puts local control and privacy first

nixos-unstable 2026.2.1
- nixpkgs-unstable 2026.2.2
- nixos-unstable-small 2026.2.2

Old issue. No impact on current stable branch.

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.cups

pkgs.apcupsd

pkgs.cups-bjnp

pkgs.cups-dymo

pkgs.carps-cups

pkgs.cups-zj-58

pkgs.cups-browsed

pkgs.cups-filters

pkgs.cups-kyocera

pkgs.cups-printers

pkgs.gutenprintBin

pkgs.cups-kyodialog

pkgs.cups-pk-helper

pkgs.gutenprint-bin

pkgs.libcupsfilters

pkgs.canon-cups-ufr2

pkgs.cups-idprt-tspl

pkgs.cups-pdf-to-pdf

pkgs.cups-idprt-mt888

pkgs.cups-idprt-mt890

pkgs.cups-idprt-sp900

pkgs.cups-idprt-barcode

pkgs.brgenml1cupswrapper

pkgs.mfc465cncupswrapper

pkgs.cups-brother-dcpt310

pkgs.cups-toshiba-estudio

pkgs.dcp375cw-cupswrapper

pkgs.magicard-cups-driver

pkgs.mfc5890cncupswrapper

pkgs.mfcj880dwcupswrapper

pkgs.perlPackages.NetCUPS

pkgs.mfc9140cdncupswrapper

pkgs.mfcj470dw-cupswrapper

pkgs.mfcl2700dncupswrapper

pkgs.mfcl2720dwcupswrapper

pkgs.mfcl2740dwcupswrapper

pkgs.perl5Packages.NetCUPS

pkgs.cups-brother-dcpt725dw

pkgs.cups-brother-hl3170cdw

pkgs.cups-brother-hll2350dw

pkgs.cups-brother-hll2375dw

pkgs.cups-kyocera-3500-4500

pkgs.dcp9020cdw-cupswrapper

pkgs.mfcj6510dw-cupswrapper

pkgs.mfcl3770cdwcupswrapper

pkgs.mfcl8690cdwcupswrapper

pkgs.cups-brother-mfcl2710dw

pkgs.cups-brother-mfcl2750dw

pkgs.cups-brother-mfcl2800dw

pkgs.perl538Packages.NetCUPS

pkgs.perl540Packages.NetCUPS

pkgs.cups-brother-dcp1610wlpr

pkgs.cups-brother-dcpl3550cdw

pkgs.python312Packages.pycups

pkgs.python313Packages.pycups

pkgs.python314Packages.pycups

pkgs.mfcj470dwlpr.x86_64-linux

pkgs.prometheus-apcupsd-exporter

pkgs.cups-kyocera-ecosys-m552x-p502x

pkgs.cups-brother-hl1110.x86_64-linux

pkgs.cups-brother-hl1210w.x86_64-linux

pkgs.cups-brother-hl2260d.x86_64-linux

pkgs.cups-brother-hl3140cw.x86_64-linux

pkgs.cups-brother-hll2340dw.x86_64-linux

pkgs.home-assistant-component-tests.cups

pkgs.cups-brother-hll3230cdw.x86_64-linux

pkgs.home-assistant-component-tests.apcupsd

pkgs.cups-kyocera-ecosys-m2x35-40-p2x35-40dnw

pkgs.tests.home-assistant-component-tests.apcupsd