Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary | |
---|---|
Title | Sun Alert 261088 Multiple Security Vulnerabilities in Common UNIX Printing System (CUPS) May Allow a Remote User to Execute Arbitrary Code |
Informations | |||
---|---|---|---|
Name | SUN-261088 | First vendor Publication | 2009-06-10 |
Vendor | Sun | Last vendor Modification | 2009-06-10 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Product: OpenSolaris The Common UNIX Printing System (CUPS) as shipped with OpenSolaris is impacted by multiple security vulnerabilities affecting the "imagetops", "texttops" and "hpgltops" filters. These vulnerabilities may allow a local or remote unprivileged user to execute arbitrary code with the privileges of the CUPS service (which usually runs as root). These issues are described in the following documents: CVE-2008-3639 at http://www.security-database.com/detail.php?cve=CVE-2008-3639 CVE-2008-3640 at http://www.security-database.com/detail.php?cve=CVE-2008-3640 CVE-2008-3641 at http://www.security-database.com/detail.php?cve=CVE-2008-3641 State: Resolved First released: 10-Jun-2009 |
Original Source
Url : http://blogs.sun.com/security/entry/sun_alert_261088_multiple_security |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10266 | |||
Oval ID: | oval:org.mitre.oval:def:10266 | ||
Title: | Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. | ||
Description: | Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3640 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11464 | |||
Oval ID: | oval:org.mitre.oval:def:11464 | ||
Title: | Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | ||
Description: | Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3639 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18746 | |||
Oval ID: | oval:org.mitre.oval:def:18746 | ||
Title: | DSA-1656-1 cupsys - several vulnerabilities | ||
Description: | Several local vulnerabilities have been discovered in the Common UNIX Printing System. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1656-1 CVE-2008-3639 CVE-2008-3640 CVE-2008-3641 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | cupsys |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22723 | |||
Oval ID: | oval:org.mitre.oval:def:22723 | ||
Title: | ELSA-2008:0937: cups security update (Important) | ||
Description: | The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0937-01 CVE-2008-3639 CVE-2008-3640 CVE-2008-3641 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29185 | |||
Oval ID: | oval:org.mitre.oval:def:29185 | ||
Title: | RHSA-2008:0937 -- cups security update (Important) | ||
Description: | Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0937 CESA-2008:0937-CentOS 3 CESA-2008:0937-CentOS 5 CVE-2008-3639 CVE-2008-3640 CVE-2008-3641 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 3 CentOS Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8170 | |||
Oval ID: | oval:org.mitre.oval:def:8170 | ||
Title: | DSA-1656 cupsys -- several vulnerabilities | ||
Description: | Several local vulnerabilities have been discovered in the Common UNIX Printing System. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that insufficient bounds checking in the SGI image filter may lead to the execution of arbitrary code. It was discovered that an integer overflow in the Postscript conversion tool texttops may lead to the execution of arbitrary code. It was discovered that insufficient bounds checking in the HPGL filter may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1656 CVE-2008-3639 CVE-2008-3640 CVE-2008-3641 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | cupsys |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9666 | |||
Oval ID: | oval:org.mitre.oval:def:9666 | ||
Title: | The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. | ||
Description: | The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3641 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for cups CESA-2009:0308 centos3 i386 File : nvt/gb_CESA-2009_0308_cups_centos3_i386.nasl |
2010-05-12 | Name : Mac OS X Security Update 2008-007 File : nvt/macosx_secupd_2008-007.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for CUPS File : nvt/sles10_cups3.nasl |
2009-10-13 | Name : SLES10: Security update for Cups File : nvt/sles10_cups.nasl |
2009-10-10 | Name : SLES9: Security update for Cups File : nvt/sles9p5041140.nasl |
2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5036560.nasl |
2009-04-28 | Name : Fedora Core 9 FEDORA-2009-3753 (cups) File : nvt/fcore_2009_3753.nasl |
2009-04-09 | Name : Mandriva Update for cups MDVSA-2008:211 (cups) File : nvt/gb_mandriva_MDVSA_2008_211.nasl |
2009-03-23 | Name : Ubuntu Update for cupsys vulnerabilities USN-656-1 File : nvt/gb_ubuntu_USN_656_1.nasl |
2009-03-06 | Name : RedHat Update for cups RHSA-2008:0937-01 File : nvt/gb_RHSA-2008_0937-01_cups.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0937 centos3 i386 File : nvt/gb_CESA-2008_0937_cups_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0937 centos3 x86_64 File : nvt/gb_CESA-2008_0937_cups_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0937 centos4 i386 File : nvt/gb_CESA-2008_0937_cups_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0937 centos4 x86_64 File : nvt/gb_CESA-2008_0937_cups_centos4_x86_64.nasl |
2009-02-23 | Name : CentOS Security Advisory CESA-2009:0308 (cups) File : nvt/ovcesa2009_0308.nasl |
2009-02-23 | Name : RedHat Security Advisory RHSA-2009:0308 File : nvt/RHSA_2009_0308.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8844 File : nvt/gb_fedora_2008_8844_cups_fc9.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8801 File : nvt/gb_fedora_2008_8801_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10917 File : nvt/gb_fedora_2008_10917_cups_fc9.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10911 File : nvt/gb_fedora_2008_10911_cups_fc8.nasl |
2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:002 File : nvt/suse_sr_2009_002.nasl |
2008-12-23 | Name : Gentoo Security Advisory GLSA 200812-11 (cups) File : nvt/glsa_200812_11.nasl |
2008-11-01 | Name : FreeBSD Ports: cups-base File : nvt/freebsd_cups-base6.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1656-1 (cupsys) File : nvt/deb_1656_1.nasl |
2008-10-14 | Name : CUPS Multiple Vulnerabilities - Oct08 File : nvt/gb_cups_mult_vuln_oct08.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-312-01 cups File : nvt/esoft_slk_ssa_2008_312_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49132 | CUPS texttops WriteProlog Function Crafted PostScript File Handling Overflow |
49131 | CUPS imagetops read_rle16 Function Malformed SGI Image Handling Remote Overflow |
49130 | CUPS Hewlett-Packard Graphics Language (HPGL) Filter Multiple Opcode Handling... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Apple CUPS SGI image decoding buffer overflow attempt RuleID : 17663 - Revision : 6 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS Text to PostScript Filter Integer Overflow attempt RuleID : 17535 - Revision : 11 - Type : SERVER-OTHER |
2014-01-10 | Multiple vendors CUPS HPGL filter remote code execution attempt RuleID : 15189 - Revision : 2 - Type : MISC |
2014-01-10 | Multiple vendors CUPS HPGL filter remote code execution attempt RuleID : 15188 - Revision : 8 - Type : SERVER-OTHER |
2014-01-10 | Multiple vendors CUPS HPGL filter remote code execution attempt RuleID : 15187 - Revision : 4 - Type : MISC |
2014-01-10 | Multiple vendors CUPS HPGL filter remote code execution attempt RuleID : 15186 - Revision : 7 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0308.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0937.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090219_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081010_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-5845.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12317.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12261.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_cups-081203.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_cups-081002.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-211.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-656-1.nasl - Type : ACT_GATHER_INFO |
2009-02-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0308.nasl - Type : ACT_GATHER_INFO |
2009-02-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0308.nasl - Type : ACT_GATHER_INFO |
2009-01-14 | Name : The remote openSUSE host is missing a security update. File : suse_cups-5838.nasl - Type : ACT_GATHER_INFO |
2008-12-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-11.nasl - Type : ACT_GATHER_INFO |
2008-11-09 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-312-01.nasl - Type : ACT_GATHER_INFO |
2008-10-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1656.nasl - Type : ACT_GATHER_INFO |
2008-10-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8844.nasl - Type : ACT_GATHER_INFO |
2008-10-16 | Name : The remote Fedora host is missing a security update. File : fedora_2008-8801.nasl - Type : ACT_GATHER_INFO |
2008-10-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ce29ce1d971a11ddab7e001c2514716c.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0937.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_3_9.nasl - Type : ACT_GATHER_INFO |
2008-10-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0937.nasl - Type : ACT_GATHER_INFO |
2008-10-07 | Name : The remote openSUSE host is missing a security update. File : suse_cups-5652.nasl - Type : ACT_GATHER_INFO |
2008-10-07 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-5653.nasl - Type : ACT_GATHER_INFO |