Executive Summary
Summary | |
---|---|
Title | cups security update |
Informations | |||
---|---|---|---|
Name | RHSA-2007:1023 | First vendor Publication | 2007-11-07 |
Vendor | RedHat | Last vendor Modification | 2007-11-07 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated cups packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. Alin Rad Pop discovered a flaw in the handling of PDF files. An attacker could create a malicious PDF file that would cause CUPS to crash or potentially execute arbitrary code when printed. (CVE-2007-5393) Alin Rad Pop discovered a flaw in in the way CUPS handles certain IPP tags. A remote attacker who is able to connect to the IPP TCP port could send a malicious request causing the CUPS daemon to crash. (CVE-2007-4351) A flaw was found in the way CUPS handled SSL negotiation. A remote attacker capable of connecting to the CUPS daemon could cause CUPS to crash. (CVE-2007-4045) All CUPS users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 250161 - CVE-2007-4045 Incomplete fix for CVE-2007-0720 CUPS denial of service 345091 - CVE-2007-4351 cups boundary error 345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar() |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2007-1023.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10604 | |||
Oval ID: | oval:org.mitre.oval:def:10604 | ||
Title: | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | ||
Description: | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4351 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11046 | |||
Oval ID: | oval:org.mitre.oval:def:11046 | ||
Title: | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | ||
Description: | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-0720 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16740 | |||
Oval ID: | oval:org.mitre.oval:def:16740 | ||
Title: | USN-542-1 -- poppler vulnerabilities | ||
Description: | Secunia Research discovered several vulnerabilities in poppler. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-542-1 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | poppler |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17451 | |||
Oval ID: | oval:org.mitre.oval:def:17451 | ||
Title: | USN-539-1 -- cupsys vulnerability | ||
Description: | Alin Rad Pop discovered that CUPS did not correctly validate buffer lengths when processing IPP tags. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-539-1 CVE-2007-4351 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | cupsys |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17520 | |||
Oval ID: | oval:org.mitre.oval:def:17520 | ||
Title: | USN-542-2 -- koffice vulnerabilities | ||
Description: | USN-542-1 fixed a vulnerability in poppler. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-542-2 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 5 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | koffice |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18361 | |||
Oval ID: | oval:org.mitre.oval:def:18361 | ||
Title: | DSA-1537-1 xpdf | ||
Description: | Alin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1537-1 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xpdf |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18702 | |||
Oval ID: | oval:org.mitre.oval:def:18702 | ||
Title: | DSA-1509-1 koffice - multiple vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in xpdf code that is embedded in koffice, an integrated office suite for KDE. These flaws could allow an attacker to execute arbitrary code by inducing the user to import a specially crafted PDF document. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1509-1 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | koffice |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18743 | |||
Oval ID: | oval:org.mitre.oval:def:18743 | ||
Title: | DSA-1407-1 cupsys - buffer overflow with arbitrary code execution | ||
Description: | Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1407-1 CVE-2007-4351 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | cupsys |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20193 | |||
Oval ID: | oval:org.mitre.oval:def:20193 | ||
Title: | DSA-1480-1 poppler - several vulnerabilities | ||
Description: | Alin Rad Pop discovered several buffer overflows in the Poppler PDF library, which could allow the execution of arbitrary code if a malformed PDF file is opened. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1480-1 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | poppler |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20264 | |||
Oval ID: | oval:org.mitre.oval:def:20264 | ||
Title: | DSA-1408-1 kdegraphics - buffer overflow with arbitrary code execution | ||
Description: | Alin Rad Pop discovered a buffer overflow in kpdf, which could allow the execution of arbitrary code if a malformed PDF file is displayed. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1408-1 CVE-2007-5393 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | kdegraphics |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22569 | |||
Oval ID: | oval:org.mitre.oval:def:22569 | ||
Title: | ELSA-2007:0123: cups security update (Moderate) | ||
Description: | The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0123-01 CVE-2007-0720 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22588 | |||
Oval ID: | oval:org.mitre.oval:def:22588 | ||
Title: | ELSA-2007:1027: tetex security update (Important) | ||
Description: | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1027-02 CVE-2007-4033 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 21 |
Platform(s): | Oracle Linux 5 | Product(s): | tetex |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22617 | |||
Oval ID: | oval:org.mitre.oval:def:22617 | ||
Title: | ELSA-2007:1021: cups security update (Important) | ||
Description: | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1021-01 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22638 | |||
Oval ID: | oval:org.mitre.oval:def:22638 | ||
Title: | ELSA-2007:1026: poppler security update (Important) | ||
Description: | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1026-01 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | poppler |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22644 | |||
Oval ID: | oval:org.mitre.oval:def:22644 | ||
Title: | ELSA-2007:1051: kdegraphics security update (Important) | ||
Description: | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1051-04 CVE-2007-5393 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kdegraphics |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22661 | |||
Oval ID: | oval:org.mitre.oval:def:22661 | ||
Title: | ELSA-2007:1020: cups security and bug fix update (Important) | ||
Description: | Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1020-01 CVE-2007-4351 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7858 | |||
Oval ID: | oval:org.mitre.oval:def:7858 | ||
Title: | DSA-1509 koffice -- multiple vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in xpdf code that is embedded in koffice, an integrated office suite for KDE. These flaws could allow an attacker to execute arbitrary code by inducing the user to import a specially crafted PDF document. The Common Vulnerabilities and Exposures project identifies the following problems: Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file. Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. Updates for the old stable distribution (sarge) will be made available as soon as possible. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1509 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | koffice |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7985 | |||
Oval ID: | oval:org.mitre.oval:def:7985 | ||
Title: | DSA-1537 xpdf -- several vulnerabilities | ||
Description: | Alin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files. The Common Vulnerabilities and Exposures project identifies the following three problems: Inadequate DCT stream validation allows an attacker to corrupt memory and potentially execute arbitrary code by supplying a maliciously crafted PDF file. An integer overflow vulnerability in DCT stream handling could allow an attacker to overflow a heap buffer, enabling the execution of arbitrary code. A buffer overflow vulnerability in xpdf's CCITT image compression handlers allows overflow on the heap, allowing an attacker to execute arbitrary code by supplying a maliciously crafted CCITTFaxDecode filter. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1537 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xpdf |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9303 | |||
Oval ID: | oval:org.mitre.oval:def:9303 | ||
Title: | The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. | ||
Description: | The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-4045 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for xpdf File : nvt/sles10_xpdf1.nasl |
2009-10-13 | Name : SLES10: Security update for kdegraphics3-pdf File : nvt/sles10_kdegraphics3-pd.nasl |
2009-10-10 | Name : SLES9: Security update for Cups File : nvt/sles9p5016608.nasl |
2009-10-10 | Name : SLES9: Security update for cups File : nvt/sles9p5009576.nasl |
2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5009377.nasl |
2009-04-09 | Name : Mandriva Update for koffice MDKSA-2007:222 (koffice) File : nvt/gb_mandriva_MDKSA_2007_222.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:086 (cups) File : nvt/gb_mandriva_MDKSA_2007_086.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:204 (cups) File : nvt/gb_mandriva_MDKSA_2007_204.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:204-1 (cups) File : nvt/gb_mandriva_MDKSA_2007_204_1.nasl |
2009-04-09 | Name : Mandriva Update for xpdf MDKSA-2007:219 (xpdf) File : nvt/gb_mandriva_MDKSA_2007_219.nasl |
2009-04-09 | Name : Mandriva Update for kdegraphics MDKSA-2007:221 (kdegraphics) File : nvt/gb_mandriva_MDKSA_2007_221.nasl |
2009-04-09 | Name : Mandriva Update for pdftohtml MDKSA-2007:223 (pdftohtml) File : nvt/gb_mandriva_MDKSA_2007_223.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:228 (cups) File : nvt/gb_mandriva_MDKSA_2007_228.nasl |
2009-04-09 | Name : Mandriva Update for poppler MDKSA-2007:227 (poppler) File : nvt/gb_mandriva_MDKSA_2007_227.nasl |
2009-04-09 | Name : Mandriva Update for tetex MDKSA-2007:230 (tetex) File : nvt/gb_mandriva_MDKSA_2007_230.nasl |
2009-04-09 | Name : Mandriva Update for cups MDVSA-2008:036 (cups) File : nvt/gb_mandriva_MDVSA_2008_036.nasl |
2009-03-23 | Name : Ubuntu Update for cupsys vulnerability USN-539-1 File : nvt/gb_ubuntu_USN_539_1.nasl |
2009-03-23 | Name : Ubuntu Update for poppler vulnerabilities USN-542-1 File : nvt/gb_ubuntu_USN_542_1.nasl |
2009-03-23 | Name : Ubuntu Update for koffice vulnerabilities USN-542-2 File : nvt/gb_ubuntu_USN_542_2.nasl |
2009-02-27 | Name : Fedora Update for xpdf FEDORA-2007-3014 File : nvt/gb_fedora_2007_3014_xpdf_fc8.nasl |
2009-02-27 | Name : Fedora Update for xpdf FEDORA-2007-3031 File : nvt/gb_fedora_2007_3031_xpdf_fc7.nasl |
2009-02-27 | Name : Fedora Update for koffice FEDORA-2007-3059 File : nvt/gb_fedora_2007_3059_koffice_fc7.nasl |
2009-02-27 | Name : Fedora Update for koffice FEDORA-2007-3093 File : nvt/gb_fedora_2007_3093_koffice_fc8.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-3100 File : nvt/gb_fedora_2007_3100_cups_fc7.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-3308 File : nvt/gb_fedora_2007_3308_tetex_fc8.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-3390 File : nvt/gb_fedora_2007_3390_tetex_fc7.nasl |
2009-02-27 | Name : Fedora Update for poppler FEDORA-2007-4031 File : nvt/gb_fedora_2007_4031_poppler_fc8.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-746 File : nvt/gb_fedora_2007_746_cups_fc6.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-750 File : nvt/gb_fedora_2007_750_tetex_fc6.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-740 File : nvt/gb_fedora_2007_740_cups_fc6.nasl |
2009-02-27 | Name : Fedora Update for kdewebdev FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdewebdev_fc7.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-2715 File : nvt/gb_fedora_2007_2715_cups_fc7.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-2982 File : nvt/gb_fedora_2007_2982_cups_fc8.nasl |
2009-02-27 | Name : Fedora Update for arts FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_arts_fc7.nasl |
2009-02-27 | Name : Fedora Update for kde-i18n FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kde-i18n_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeaccessibility FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeaccessibility_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeaddons FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeaddons_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeadmin FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeadmin_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeartwork FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeartwork_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdebase FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdebase_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdebindings FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdebindings_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeedu FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeedu_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdegames FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdegames_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdegraphics FEDORA-2007-3001 File : nvt/gb_fedora_2007_3001_kdegraphics_fc8.nasl |
2009-02-27 | Name : Fedora Update for kdevelop FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdevelop_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeutils FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeutils_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdetoys FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdetoys_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdegraphics FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdegraphics_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdelibs FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdelibs_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdesdk FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdesdk_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdemultimedia FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdemultimedia_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdenetwork FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdenetwork_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdepim FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdepim_fc7.nasl |
2009-02-17 | Name : Fedora Update for poppler FEDORA-2008-3312 File : nvt/gb_fedora_2008_3312_poppler_fc7.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3449 File : nvt/gb_fedora_2008_3449_cups_fc7.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3586 File : nvt/gb_fedora_2008_3586_cups_fc8.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8801 File : nvt/gb_fedora_2008_8801_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-1976 File : nvt/gb_fedora_2008_1976_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10911 File : nvt/gb_fedora_2008_10911_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2897 File : nvt/gb_fedora_2008_2897_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2131 File : nvt/gb_fedora_2008_2131_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-1901 File : nvt/gb_fedora_2008_1901_cups_fc8.nasl |
2009-01-28 | Name : SuSE Update for cups SUSE-SA:2007:058 File : nvt/gb_suse_2007_058.nasl |
2009-01-28 | Name : SuSE Update for xpdf, kdegraphics3-pdf, koffice, libextractor, SUSE-SA:2007:060 File : nvt/gb_suse_2007_060.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-22 (poppler koffice kword kdegraphics kpdf) File : nvt/glsa_200711_22.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-13 (ptex) File : nvt/glsa_200805_13.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-14 (cups) File : nvt/glsa_200712_14.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-34 (cstetex) File : nvt/glsa_200711_34.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-16 (cups) File : nvt/glsa_200711_16.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200703-28 (cups) File : nvt/glsa_200703_28.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-base File : nvt/freebsd_cups-base4.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-base File : nvt/freebsd_cups-base5.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-base File : nvt/freebsd_cups-base3.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1537-1 (xpdf) File : nvt/deb_1537_1.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1509-1 (koffice) File : nvt/deb_1509_1.nasl |
2008-02-05 | Name : Debian Security Advisory DSA 1480-1 (poppler) File : nvt/deb_1480_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1407-1 (cupsys) File : nvt/deb_1407_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1408-1 (kdegraphics) File : nvt/deb_1408_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-316-01 xpdf/poppler/koffice/kdegraphics File : nvt/esoft_slk_ssa_2007_316_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-305-01 cups File : nvt/esoft_slk_ssa_2007_305_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58777 | CUPS SSL Negotiation Unspecified Remote DoS |
42028 | CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow |
39543 | Xpdf xpdf/Stream.cc CCITTFaxStream::lookChar Method PDF Handling Overflow |
34072 | CUPS Incomplete SSL Negotiation Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-11.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0123.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1020.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1023.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1024.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1025.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1026.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1027.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1028.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1029.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1030.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071031_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_cups_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071107_gpdf_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_poppler_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071107_xpdf_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071108_tetex_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071112_kdegraphics_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1020.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11965.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1023.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1024.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1025.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1027.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1028.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1029.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1030.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-219.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-221.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-222.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-227.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-036.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1025.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1029.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1051.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3449.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3586.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1537.nasl - Type : ACT_GATHER_INFO |
2008-02-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1509.nasl - Type : ACT_GATHER_INFO |
2008-02-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1480.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-14.nasl - Type : ACT_GATHER_INFO |
2007-12-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-3137.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-3716.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-4667.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdegraphics3-pdf-4682.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_poppler-4630.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xpdf-4644.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4031.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1408.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3308.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3390.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-750.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-230.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1407.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-22.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-223.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-228.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-542-2.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2007-2985.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2747fc39915b11dc9239001c2514716c.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-16.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote openSUSE host is missing a security update. File : suse_cups-4668.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote openSUSE host is missing a security update. File : suse_kdegraphics3-pdf-4681.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-542-1.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-316-01.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3001.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3014.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3031.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3059.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3093.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3100.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1024.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_gpdf-4651.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_koffice-4649.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_libextractor-4646.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_pdftohtml-4642.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_poppler-4638.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_xpdf-4643.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-539-1.nasl - Type : ACT_GATHER_INFO |
2007-11-09 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8dd9722c8e9711dcb8f6001c2514716c.nasl - Type : ACT_GATHER_INFO |
2007-11-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1027.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2982.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1021.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1023.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1026.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1028.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1030.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1031.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2715.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-305-01.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote printer service is prone to a buffer overflow attack. File : cups_ipp_tag_overflow.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-204.nasl - Type : ACT_GATHER_INFO |
2007-11-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1020.nasl - Type : ACT_GATHER_INFO |
2007-11-01 | Name : The remote openSUSE host is missing a security update. File : suse_cups-4598.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_cups-3136.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_cups-3715.nasl - Type : ACT_GATHER_INFO |
2007-08-15 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-160.nasl - Type : ACT_GATHER_INFO |
2007-06-14 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_39988ee8191811dcb6bd0016179b2dd5.nasl - Type : ACT_GATHER_INFO |
2007-04-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0123.nasl - Type : ACT_GATHER_INFO |
2007-04-19 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-086.nasl - Type : ACT_GATHER_INFO |
2007-04-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0123.nasl - Type : ACT_GATHER_INFO |
2007-04-05 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200703-28.nasl - Type : ACT_GATHER_INFO |
2007-03-27 | Name : The remote printer service is prone to a denial of service attack. File : cups_ssl_negotiation_dos.nasl - Type : ACT_DENIAL |
2007-03-16 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-1219.nasl - Type : ACT_GATHER_INFO |
2007-03-13 | Name : The remote host is missing a Mac OS X update which fixes a security issue. File : macosx_10_4_9.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:10 |
|
2013-05-11 12:24:14 |
|