Executive Summary
Summary | |
---|---|
Title | cups security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:1595 | First vendor Publication | 2009-11-18 |
Vendor | RedHat | Last vendor Modification | 2009-11-18 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - x86_64 3. Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. A use-after-free flaw was found in the way CUPS handled references in its file descriptors-handling interface. A remote attacker could, in a specially-crafted way, query for the list of current print jobs for a specific printer, leading to a denial of service (cupsd crash). (CVE-2009-3553) Several cross-site scripting (XSS) flaws were found in the way the CUPS web server interface processed HTML form content. If a remote attacker could trick a local user who is logged into the CUPS web interface into visiting a specially-crafted HTML page, the attacker could retrieve and potentially modify confidential CUPS administration data. (CVE-2009-2820) Red Hat would like to thank Aaron Sigel of Apple Product Security for responsibly reporting the CVE-2009-2820 issue. Users of cups are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the cupsd daemon will be restarted automatically. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 529833 - CVE-2009-2820 cups: Several XSS flaws in forms processed by CUPS web interface 530111 - CVE-2009-3553 cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-1595.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-416 | Use After Free |
50 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11183 | |||
Oval ID: | oval:org.mitre.oval:def:11183 | ||
Title: | Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. | ||
Description: | Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3553 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22727 | |||
Oval ID: | oval:org.mitre.oval:def:22727 | ||
Title: | ELSA-2009:1595: cups security update (Moderate) | ||
Description: | Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1595-02 CVE-2009-2820 CVE-2009-3553 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9153 | |||
Oval ID: | oval:org.mitre.oval:def:9153 | ||
Title: | The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues. | ||
Description: | The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs, as demonstrated by an XSS attack that uses the kerberos parameter to the admin program, and leverages attribute injection and HTTP Parameter Pollution (HPP) issues. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2820 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
2011-08-09 | Name : CentOS Update for cups CESA-2009:1595 centos5 i386 File : nvt/gb_CESA-2009_1595_cups_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for cups CESA-2010:0129 centos5 i386 File : nvt/gb_CESA-2010_0129_cups_centos5_i386.nasl |
2011-03-09 | Name : Debian Security Advisory DSA 2176-1 (cups) File : nvt/deb_2176_1.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17627 File : nvt/gb_fedora_2010_17627_cups_fc12.nasl |
2010-07-30 | Name : Fedora Update for cups FEDORA-2010-10101 File : nvt/gb_fedora_2010_10101_cups_fc12.nasl |
2010-06-28 | Name : Fedora Update for cups FEDORA-2010-10066 File : nvt/gb_fedora_2010_10066_cups_fc11.nasl |
2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
2010-04-16 | Name : Mandriva Update for cups MDVSA-2010:073-1 (cups) File : nvt/gb_mandriva_MDVSA_2010_073_1.nasl |
2010-04-16 | Name : Mandriva Update for cups MDVSA-2010:073 (cups) File : nvt/gb_mandriva_MDVSA_2010_073.nasl |
2010-04-06 | Name : Mac OS X Security Update 2010-001 File : nvt/macosx_secupd_2010-001.nasl |
2010-03-22 | Name : Fedora Update for cups FEDORA-2010-2743 File : nvt/gb_fedora_2010_2743_cups_fc11.nasl |
2010-03-12 | Name : Fedora Update for cups FEDORA-2010-3761 File : nvt/gb_fedora_2010_3761_cups_fc12.nasl |
2010-03-05 | Name : RedHat Update for cups RHSA-2010:0129-01 File : nvt/gb_RHSA-2010_0129-01_cups.nasl |
2010-03-05 | Name : Ubuntu Update for cups, cupsys vulnerabilities USN-906-1 File : nvt/gb_ubuntu_USN_906_1.nasl |
2010-02-19 | Name : Mandriva Update for mandriva-doc MDVA-2010:072 (mandriva-doc) File : nvt/gb_mandriva_MDVA_2010_072.nasl |
2010-02-19 | Name : Mandriva Update for dhcp MDVA-2010:073 (dhcp) File : nvt/gb_mandriva_MDVA_2010_073.nasl |
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-12652 (cups) File : nvt/fcore_2009_12652.nasl |
2009-12-10 | Name : Fedora Core 12 FEDORA-2009-11314 (cups) File : nvt/fcore_2009_11314.nasl |
2009-12-10 | Name : Fedora Core 10 FEDORA-2009-11062 (cups) File : nvt/fcore_2009_11062.nasl |
2009-12-10 | Name : Fedora Core 11 FEDORA-2009-10891 (cups) File : nvt/fcore_2009_10891.nasl |
2009-12-01 | Name : CUPS File Descriptors Handling Remote Denial Of Service Vulnerability File : nvt/cups_37048.nasl |
2009-11-23 | Name : RedHat Security Advisory RHSA-2009:1595 File : nvt/RHSA_2009_1595.nasl |
2009-11-23 | Name : Ubuntu USN-856-1 (cupsys) File : nvt/ubuntu_856_1.nasl |
2009-11-17 | Name : Debian Security Advisory DSA 1933-1 (cups) File : nvt/deb_1933_1.nasl |
2009-11-17 | Name : SLES11: Security update for CUPS File : nvt/sles11_cups0.nasl |
2009-11-13 | Name : CUPS 'kerberos' Parameter Cross Site Scripting Vulnerability File : nvt/cups_36958.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
60204 | CUPS scheduler/select.c cupsdDoSelect() Function Use-after-free DoS |
59854 | CUPS Web Interface admin/ kerberos Parameter XSS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1595.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0129.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1595.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100303_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201207-10.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2176.nasl - Type : ACT_GATHER_INFO |
2010-07-08 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_4_4.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-3761.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-3693.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-2743.nasl - Type : ACT_GATHER_INFO |
2010-04-16 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_4_3.nasl - Type : ACT_GATHER_INFO |
2010-04-15 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-073.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_cups-100210.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-100210.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_cups-100305.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-100210.nasl - Type : ACT_GATHER_INFO |
2010-03-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0129.nasl - Type : ACT_GATHER_INFO |
2010-03-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-906-1.nasl - Type : ACT_GATHER_INFO |
2010-03-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0129.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1933.nasl - Type : ACT_GATHER_INFO |
2010-01-20 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-001.nasl - Type : ACT_GATHER_INFO |
2009-12-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-091210.nasl - Type : ACT_GATHER_INFO |
2009-12-27 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_cups-091210.nasl - Type : ACT_GATHER_INFO |
2009-12-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_cups-091204.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Fedora host is missing a security update. File : fedora_2009-12652.nasl - Type : ACT_GATHER_INFO |
2009-12-02 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11062.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11314.nasl - Type : ACT_GATHER_INFO |
2009-12-01 | Name : The remote Fedora host is missing a security update. File : fedora_2009-10891.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1595.nasl - Type : ACT_GATHER_INFO |
2009-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_cups-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-091104.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote printer service is affected by a cross-site scripting vulnerability. File : cups_1_4_2.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-856-1.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_2.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:53:04 |
|