Package: print-manager
Version: 4:18.04.1-1
Severity: critical
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
--- Please enter the report below this line. ---

When on a (possibly untrusted) network with a cups server, opening the KDE configuration panel and going to the Printers kcm causes a dialog with the current user name filled in, asking for that user's password. This prompt does not express whether the password is being sent to sudo (which a cursory inspection of the code suggests it does not), to a local cups server, or to a remote cups server. Moreover, the certificate that is being used by the server is completely unavailable for inspection---and worse still does not appear to be rejected if it is invalid. A print-manager user that is on a network with a hostile cups server could easily be tricked into sending their password to that cups server.