Bug#900997: [print-manager] sends password to remote cups server
Package: print-manager
Version: 4:18.04.1-1
Severity: critical
Tags: security
X-Debbugs-CC: secure-testing-team@lists.alioth.debian.org
When on a (possibly untrusted) network with a cups server, opening the KDE configuration panel,
and going to the Printers kcm causes a dialog with the current user name filled in, asking for
that user's password.
This prompt does not express whether the password is being sent to sudo (which a cursory
inspection of the code suggests it does not), to a local cups server, or to a remote cups
server.
Moreover, the certificate that is being used by the server is completely unavailable
for inspection---and worse still does not appear to be rejected if it is invalid.
A print-manager user that is on a network with a hostile cups server could easily be tricked into
sending their password to that cups server.
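The two concerns in this report are that the password prompt does not say where the credential will go, and that a remote server's TLS certificate is neither shown nor rejected when invalid. The following is an added illustration (not code from print-manager or from the reporter) of how a client can classify the CUPS destination before prompting and refuse to send a password unless the TLS context actually verifies the peer. The URI parsing, the `LOCAL_HOSTS` set and the default port of 631 are assumptions made for this example; the sample server URIs are constructed.

```python
import ssl
from urllib.parse import urlparse

# Assumption for this example: these hosts denote the local cupsd.
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
DEFAULT_IPP_PORT = 631  # IANA-registered IPP port


def describe_cups_destination(server: str) -> dict:
    """Classify where a CUPS credential would be sent so a prompt can say so.

    `server` is either a filesystem path to the local UNIX domain socket or an
    ipp/ipps/http/https URI. Returns a dict with `target`, `local`, `encrypted`
    and `port` keys.
    """
    if server.startswith("/"):
        # A UNIX socket path is the local daemon; no network, no TLS needed.
        return {"target": server, "local": True, "encrypted": True, "port": None}

    parsed = urlparse(server)
    scheme = parsed.scheme.lower()
    if scheme not in ("ipp", "ipps", "http", "https"):
        raise ValueError(f"unsupported CUPS server scheme: {scheme!r}")
    host = (parsed.hostname or "").lower()
    port = parsed.port or DEFAULT_IPP_PORT
    return {
        "target": f"{host}:{port}",
        "local": host in LOCAL_HOSTS,
        "encrypted": scheme in ("ipps", "https"),
        "port": port,
    }


def make_cups_tls_context() -> ssl.SSLContext:
    """Hardened context: chain and hostname are verified, and an invalid
    certificate makes the handshake fail with ssl.SSLCertVerificationError
    instead of silently proceeding."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def make_permissive_tls_context() -> ssl.SSLContext:
    """The setting the report warns about, kept only for contrast: with
    CERT_NONE any certificate, including a forged one, is accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def may_send_credentials(server: str, ctx: ssl.SSLContext) -> bool:
    """Gate the password prompt: local daemon is fine; a remote server must be
    reached over TLS with full peer verification, otherwise do not ask."""
    dest = describe_cups_destination(server)
    if dest["local"]:
        return True
    return (
        dest["encrypted"]
        and ctx.check_hostname
        and ctx.verify_mode == ssl.CERT_REQUIRED
    )


def credential_prompt_text(server: str, username: str, ctx: ssl.SSLContext) -> str:
    """Build a prompt that states the destination explicitly, or a refusal."""
    dest = describe_cups_destination(server)
    if not may_send_credentials(server, ctx):
        return (f"Not asking for the password of '{username}': remote CUPS server "
                f"{dest['target']} is not reachable over verified TLS.")
    where = "the LOCAL CUPS server" if dest["local"] else "the REMOTE CUPS server"
    return (f"Enter the password for '{username}' to authenticate to {where} "
            f"at {dest['target']}.")


if __name__ == "__main__":
    # Constructed sample destinations.
    for uri in ("/run/cups/cups.sock", "ipp://localhost/", "ipps://print.corp.example/",
                "ipp://print.corp.example/"):
        print(credential_prompt_text(uri, "alice", make_cups_tls_context()))
```

The point of `may_send_credentials` is that the decision to prompt is taken from the transport state rather than from the UI: a client that only ever prompts after this check cannot leak a password to a plaintext or unverified remote server, and the prompt text itself tells the user which server will receive it.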