Executive Summary
Summary | |
---|---|
Title | cups security update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0866 | First vendor Publication | 2010-11-10 |
Vendor | RedHat | Last vendor Modification | 2010-11-10 |
Severity (Vendor) | Important | Revision | 02 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.9 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 5.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated cups packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. An invalid free flaw was found in the way the CUPS server parsed Internet Printing Protocol (IPP) packets. A malicious user able to send IPP requests to the CUPS server could use this flaw to crash the CUPS server. (CVE-2010-2941) Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency for reporting this issue. Users of cups are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the cupsd daemon will be restarted automatically. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 624438 - CVE-2010-2941 cups: cupsd memory corruption vulnerability |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0866.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12954 | |||
Oval ID: | oval:org.mitre.oval:def:12954 | ||
Title: | DSA-2176-1 cups -- several | ||
Description: | Several vulnerabilities have been discovered in the Common UNIX Printing System: CVE-2008-5183 A null pointer dereference in RSS job completion notifications could lead to denial of service. CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service. CVE-2010-0540 A cross-site request forgery vulnerability was discovered in the web interface. CVE-2010-0542 Incorrect memory management in the filter subsystem could lead to denial of service. CVE-2010-1748 Information disclosure in the web interface. CVE-2010-2431 Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files. CVE-2010-2432 Denial of service in the authentication code. CVE-2010-2941 Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2176-1 CVE-2008-5183 CVE-2009-3553 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 CVE-2010-2432 CVE-2010-2941 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22210 | |||
Oval ID: | oval:org.mitre.oval:def:22210 | ||
Title: | RHSA-2010:0866: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0866-02 CVE-2010-2941 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22217 | |||
Oval ID: | oval:org.mitre.oval:def:22217 | ||
Title: | RHSA-2010:0811: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0811-01 CESA-2010:0811 CVE-2010-2431 CVE-2010-2941 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22255 | |||
Oval ID: | oval:org.mitre.oval:def:22255 | ||
Title: | ELSA-2010:0811: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0811-01 CVE-2010-2431 CVE-2010-2941 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23225 | |||
Oval ID: | oval:org.mitre.oval:def:23225 | ||
Title: | ELSA-2010:0866: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0866-02 CVE-2010-2941 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27944 | |||
Oval ID: | oval:org.mitre.oval:def:27944 | ||
Title: | DEPRECATED: ELSA-2010-0866 -- cups security update (important) | ||
Description: | [1:1.4.2-35:.1] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0866 CVE-2010-2941 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28063 | |||
Oval ID: | oval:org.mitre.oval:def:28063 | ||
Title: | DEPRECATED: ELSA-2010-0811 -- cups security update (important) | ||
Description: | [1.3.7-18:.8] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). - Fix latent privilege escalation vulnerability (CVE-2010-2431, STR #3510, bug #605397). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0811 CVE-2010-2431 CVE-2010-2941 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
2011-09-12 | Name : Fedora Update for cups FEDORA-2011-11221 File : nvt/gb_fedora_2011_11221_cups_fc14.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-03-09 | Name : Debian Security Advisory DSA 2176-1 (cups) File : nvt/deb_2176_1.nasl |
2010-12-02 | Name : Fedora Update for cups FEDORA-2010-17641 File : nvt/gb_fedora_2010_17641_cups_fc14.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17615 File : nvt/gb_fedora_2010_17615_cups_fc13.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17627 File : nvt/gb_fedora_2010_17627_cups_fc12.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:232 (cups) File : nvt/gb_mandriva_MDVSA_2010_232.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:233 (cups) File : nvt/gb_mandriva_MDVSA_2010_233.nasl |
2010-11-18 | Name : CUPS IPP Use-After-Free Denial of Service Vulnerability File : nvt/gb_cupsd_ipp_use_after_free_dos_vuln.nasl |
2010-11-16 | Name : Ubuntu Update for cups, cupsys vulnerability USN-1012-1 File : nvt/gb_ubuntu_USN_1012_1.nasl |
2010-11-04 | Name : RedHat Update for cups RHSA-2010:0811-01 File : nvt/gb_RHSA-2010_0811-01_cups.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-333-01 cups File : nvt/esoft_slk_ssa_2010_333_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68951 | CUPS IPP Request Handling Use-After-Free Arbitrary Code Execution CUPS contains a flaw related to the 'ipp.c' function's failure to allocate memory correctly for attribute values with invalid string data types, creating a use-after-free error. This may allow a remote attacker to use a crafted IPP request to execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | CUPS IPP multi-valued attribute memory corruption attempt RuleID : 26972 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS IPP memory corruption attempt RuleID : 23139 - Revision : 5 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS IPP memory corruption attempt RuleID : 23138 - Revision : 5 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_cups-101124.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0866.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_cups_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101028_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201207-10.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2176.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-101119.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-333-01.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote print service is affected by multiple vulnerabilities. File : cups_1_4_5.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2010-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17627.nasl - Type : ACT_GATHER_INFO |
2010-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17615.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0866.nasl - Type : ACT_GATHER_INFO |
2010-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17641.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-233.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-232.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1012-1.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:54:03 |
|