Executive Summary
Summary | |
---|---|
Title | cups security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0192 | First vendor Publication | 2008-04-01 |
Vendor | RedHat | Last vendor Modification | 2008-04-01 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. A heap buffer overflow flaw was found in a CUPS administration interface CGI script. A local attacker able to connect to the IPP port (TCP port 631) could send a malicious request causing the script to crash or, potentially, execute arbitrary code as the "lp" user. Please note: the default CUPS configuration in Red Hat Enterprise Linux 5 does not allow remote connections to the IPP TCP port. (CVE-2008-0047) Red Hat would like to thank "regenrecht" for reporting this issue. This issue did not affect the versions of CUPS as shipped with Red Hat Enterprise Linux 3 or 4. Two overflows were discovered in the HP-GL/2-to-PostScript filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code as the "lp" user if the file is printed. (CVE-2008-0053) A buffer overflow flaw was discovered in the GIF decoding routines used by CUPS image converting filters "imagetops" and "imagetoraster". An attacker could create a malicious GIF file that could possibly execute arbitrary code as the "lp" user if the file was printed. (CVE-2008-1373) All cups users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 436153 - CVE-2008-0047 cups: heap based buffer overflow in cgiCompileSearch() 438117 - CVE-2008-0053 cups: buffer overflows in HP-GL/2 filter 438303 - CVE-2008-1373 cups: overflow in gif image filter |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0192.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10085 | |||
Oval ID: | oval:org.mitre.oval:def:10085 | ||
Title: | Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | ||
Description: | Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0047 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10356 | |||
Oval ID: | oval:org.mitre.oval:def:10356 | ||
Title: | Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | ||
Description: | Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0053 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11479 | |||
Oval ID: | oval:org.mitre.oval:def:11479 | ||
Title: | Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484. | ||
Description: | Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1373 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17501 | |||
Oval ID: | oval:org.mitre.oval:def:17501 | ||
Title: | USN-598-1 -- cupsys vulnerabilities | ||
Description: | It was discovered that the CUPS administration interface contained a heap- based overflow flaw. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-598-1 CVE-2008-0047 CVE-2008-0053 CVE-2008-0882 CVE-2008-1373 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | cupsys |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22130 | |||
Oval ID: | oval:org.mitre.oval:def:22130 | ||
Title: | ELSA-2008:0192: cups security update (Moderate) | ||
Description: | Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0192-01 CVE-2008-0047 CVE-2008-0053 CVE-2008-1373 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for CUPS File : nvt/sles10_cups4.nasl |
2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5023036.nasl |
2009-04-28 | Name : Fedora Core 9 FEDORA-2009-3753 (cups) File : nvt/fcore_2009_3753.nasl |
2009-04-09 | Name : Mandriva Update for cups MDVSA-2008:081 (cups) File : nvt/gb_mandriva_MDVSA_2008_081.nasl |
2009-03-23 | Name : Ubuntu Update for cupsys vulnerabilities USN-598-1 File : nvt/gb_ubuntu_USN_598_1.nasl |
2009-03-06 | Name : RedHat Update for cups RHSA-2008:0206-01 File : nvt/gb_RHSA-2008_0206-01_cups.nasl |
2009-03-06 | Name : RedHat Update for cups RHSA-2008:0192-01 File : nvt/gb_RHSA-2008_0192-01_cups.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos4 i386 File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 i386 File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8844 File : nvt/gb_fedora_2008_8844_cups_fc9.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8801 File : nvt/gb_fedora_2008_8801_cups_fc8.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3449 File : nvt/gb_fedora_2008_3449_cups_fc7.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3586 File : nvt/gb_fedora_2008_3586_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2131 File : nvt/gb_fedora_2008_2131_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2897 File : nvt/gb_fedora_2008_2897_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10917 File : nvt/gb_fedora_2008_10917_cups_fc9.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10911 File : nvt/gb_fedora_2008_10911_cups_fc8.nasl |
2009-01-23 | Name : SuSE Update for cups SUSE-SA:2008:015 File : nvt/gb_suse_2008_015.nasl |
2009-01-23 | Name : SuSE Update for cups SUSE-SA:2008:020 File : nvt/gb_suse_2008_020.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-01 (cups) File : nvt/glsa_200804_01.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1625-1 (cupsys) File : nvt/deb_1625_1.nasl |
2008-06-17 | Name : Cups < 1.3.8 vulnerability File : nvt/cups_CB-A08-0045.nasl |
2008-03-27 | Name : Debian Security Advisory DSA 1530-1 (cupsys) File : nvt/deb_1530_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-094-01 cups File : nvt/esoft_slk_ssa_2008_094_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44160 | CUPS filter/image-gif.c gif_read_image() Function GIF Image Handling Overflow |
43382 | CUPS Multiple HP-GL/2-to-PostScript Unspecified Input Validation Issues Multiple unspecified overflows exist in CUPS. The HP-GL/2-to-Postcript filter fails to validate unspecified inputs resulting in a buffer overflows. With a specially crafted HP-GL/2 file, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
43376 | CUPS CGI Backend IPP Request Search Expression Handling (cgiCompileSearch) Re... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | CUPS Gif Decoding Routine Buffer Overflow attempt RuleID : 17558 - Revision : 8 - Type : FILE-IMAGE |
2014-01-10 | CUPS server query metacharacter buffer overflow attempt RuleID : 16072 - Revision : 9 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0192.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080401_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0192.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12117.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-081.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1625.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3449.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3586.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2131.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2897.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-598-1.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-094-01.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_cups-5117.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-5115.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0192.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-01.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
2008-04-03 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_3_7.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1530.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_cups-5076.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:31 |
|