will produce an error response that discloses a some uninitialised memory. This could be used to bypass ASLR, for example. The problem is in cgi-bin/var.c in cgi_initialize_string().
The text was updated successfully, but these errors were encountered:
Version: 1.4-current
CUPS.org User: mike
See attached PDF, but in short, a URL like
http://127.0.0.1:631/admin?URL=/admin/&OP=%
will produce an error response that discloses a some uninitialised memory. This could be used to bypass ASLR, for example. The problem is in cgi-bin/var.c in cgi_initialize_string().
The text was updated successfully, but these errors were encountered: