Executive Summary
Summary | |
---|---|
Title | New cupsys packages fix arbitrary code execution |
Informations | |||
---|---|---|---|
Name | DSA-1407 | First vendor Publication | 2007-11-18 |
Vendor | Debian | Last vendor Modification | 2007-11-18 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 1.2.7-4etch1. Updated packages for the arm architecure will be provided later. The cupsys version in the old stable distribution (sarge) is not vulnerable to arbitrary code execution. We recommend that you upgrade your cupsys packages. |
Original Source
Url : http://www.debian.org/security/2007/dsa-1407 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10604 | |||
Oval ID: | oval:org.mitre.oval:def:10604 | ||
Title: | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | ||
Description: | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4351 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17451 | |||
Oval ID: | oval:org.mitre.oval:def:17451 | ||
Title: | USN-539-1 -- cupsys vulnerability | ||
Description: | Alin Rad Pop discovered that CUPS did not correctly validate buffer lengths when processing IPP tags. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-539-1 CVE-2007-4351 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | cupsys |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18743 | |||
Oval ID: | oval:org.mitre.oval:def:18743 | ||
Title: | DSA-1407-1 cupsys - buffer overflow with arbitrary code execution | ||
Description: | Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1407-1 CVE-2007-4351 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | cupsys |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22661 | |||
Oval ID: | oval:org.mitre.oval:def:22661 | ||
Title: | ELSA-2007:1020: cups security and bug fix update (Important) | ||
Description: | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1020-01 CVE-2007-4351 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:204-1 (cups) File : nvt/gb_mandriva_MDKSA_2007_204_1.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:204 (cups) File : nvt/gb_mandriva_MDKSA_2007_204.nasl |
2009-03-23 | Name : Ubuntu Update for cupsys vulnerability USN-539-1 File : nvt/gb_ubuntu_USN_539_1.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-2715 File : nvt/gb_fedora_2007_2715_cups_fc7.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-2982 File : nvt/gb_fedora_2007_2982_cups_fc8.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-3100 File : nvt/gb_fedora_2007_3100_cups_fc7.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-740 File : nvt/gb_fedora_2007_740_cups_fc6.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3449 File : nvt/gb_fedora_2008_3449_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2897 File : nvt/gb_fedora_2008_2897_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-1976 File : nvt/gb_fedora_2008_1976_cups_fc7.nasl |
2009-01-28 | Name : SuSE Update for cups SUSE-SA:2007:058 File : nvt/gb_suse_2007_058.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-16 (cups) File : nvt/glsa_200711_16.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-base File : nvt/freebsd_cups-base4.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1407-1 (cupsys) File : nvt/deb_1407_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-305-01 cups File : nvt/esoft_slk_ssa_2007_305_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42028 | CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1023.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1020.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_cups_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071031_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1020.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1023.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3449.nasl - Type : ACT_GATHER_INFO |
2007-12-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1407.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-16.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-539-1.nasl - Type : ACT_GATHER_INFO |
2007-11-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8dd9722c8e9711dcb8f6001c2514716c.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2982.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1023.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2715.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-305-01.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-204.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote printer service is prone to a buffer overflow attack. File : cups_ipp_tag_overflow.nasl - Type : ACT_GATHER_INFO |
2007-11-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1020.nasl - Type : ACT_GATHER_INFO |
2007-11-01 | Name : The remote openSUSE host is missing a security update. File : suse_cups-4598.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:00 |
|