Executive Summary
Summary | |
---|---|
Title | CUPS vulnerability |
Informations | |||
---|---|---|---|
Name | USN-1012-1 | First vendor Publication | 2010-11-04 |
Vendor | Ubuntu | Last vendor Modification | 2010-11-04 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.9 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 5.5 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 8.04 LTS: Ubuntu 9.10: Ubuntu 10.04 LTS: Ubuntu 10.10: In general, a standard system update will make all the necessary changes. Details follow: Emmanuel Bouillon discovered that CUPS did not properly handle certain Internet Printing Protocol (IPP) packets. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code. In the default installation in Ubuntu 8.04 LTS and later, attackers would be isolated by the CUPS AppArmor profile. |
Original Source
Url : http://www.ubuntu.com/usn/USN-1012-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12954 | |||
Oval ID: | oval:org.mitre.oval:def:12954 | ||
Title: | DSA-2176-1 cups -- several | ||
Description: | Several vulnerabilities have been discovered in the Common UNIX Printing System: CVE-2008-5183 A null pointer dereference in RSS job completion notifications could lead to denial of service. CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service. CVE-2010-0540 A cross-site request forgery vulnerability was discovered in the web interface. CVE-2010-0542 Incorrect memory management in the filter subsystem could lead to denial of service. CVE-2010-1748 Information disclosure in the web interface. CVE-2010-2431 Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files. CVE-2010-2432 Denial of service in the authentication code. CVE-2010-2941 Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2176-1 CVE-2008-5183 CVE-2009-3553 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 CVE-2010-2432 CVE-2010-2941 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22210 | |||
Oval ID: | oval:org.mitre.oval:def:22210 | ||
Title: | RHSA-2010:0866: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0866-02 CVE-2010-2941 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22217 | |||
Oval ID: | oval:org.mitre.oval:def:22217 | ||
Title: | RHSA-2010:0811: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0811-01 CESA-2010:0811 CVE-2010-2431 CVE-2010-2941 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22255 | |||
Oval ID: | oval:org.mitre.oval:def:22255 | ||
Title: | ELSA-2010:0811: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0811-01 CVE-2010-2431 CVE-2010-2941 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23225 | |||
Oval ID: | oval:org.mitre.oval:def:23225 | ||
Title: | ELSA-2010:0866: cups security update (Important) | ||
Description: | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0866-02 CVE-2010-2941 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27944 | |||
Oval ID: | oval:org.mitre.oval:def:27944 | ||
Title: | DEPRECATED: ELSA-2010-0866 -- cups security update (important) | ||
Description: | [1:1.4.2-35:.1] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0866 CVE-2010-2941 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | cups |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28063 | |||
Oval ID: | oval:org.mitre.oval:def:28063 | ||
Title: | DEPRECATED: ELSA-2010-0811 -- cups security update (important) | ||
Description: | [1.3.7-18:.8] - Applied patch to fix cupsd memory corruption vulnerability (CVE-2010-2941, STR #3648, bug #624438). - Fix latent privilege escalation vulnerability (CVE-2010-2431, STR #3510, bug #605397). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010-0811 CVE-2010-2431 CVE-2010-2941 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | cups |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201207-10 (cups) File : nvt/glsa_201207_10.nasl |
2011-09-12 | Name : Fedora Update for cups FEDORA-2011-11221 File : nvt/gb_fedora_2011_11221_cups_fc14.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-03-09 | Name : Debian Security Advisory DSA 2176-1 (cups) File : nvt/deb_2176_1.nasl |
2010-12-02 | Name : Fedora Update for cups FEDORA-2010-17641 File : nvt/gb_fedora_2010_17641_cups_fc14.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17615 File : nvt/gb_fedora_2010_17615_cups_fc13.nasl |
2010-11-23 | Name : Fedora Update for cups FEDORA-2010-17627 File : nvt/gb_fedora_2010_17627_cups_fc12.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:232 (cups) File : nvt/gb_mandriva_MDVSA_2010_232.nasl |
2010-11-23 | Name : Mandriva Update for cups MDVSA-2010:233 (cups) File : nvt/gb_mandriva_MDVSA_2010_233.nasl |
2010-11-18 | Name : CUPS IPP Use-After-Free Denial of Service Vulnerability File : nvt/gb_cupsd_ipp_use_after_free_dos_vuln.nasl |
2010-11-16 | Name : Ubuntu Update for cups, cupsys vulnerability USN-1012-1 File : nvt/gb_ubuntu_USN_1012_1.nasl |
2010-11-04 | Name : RedHat Update for cups RHSA-2010:0811-01 File : nvt/gb_RHSA-2010_0811-01_cups.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-333-01 cups File : nvt/esoft_slk_ssa_2010_333_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68951 | CUPS IPP Request Handling Use-After-Free Arbitrary Code Execution CUPS contains a flaw related to the 'ipp.c' function's failure to allocate memory correctly for attribute values with invalid string data types, creating a use-after-free error. This may allow a remote attacker to use a crafted IPP request to execute arbitrary code. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | CUPS IPP multi-valued attribute memory corruption attempt RuleID : 26972 - Revision : 4 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS IPP memory corruption attempt RuleID : 23139 - Revision : 5 - Type : SERVER-OTHER |
2014-01-10 | Apple CUPS IPP memory corruption attempt RuleID : 23138 - Revision : 5 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_cups-101124.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0866.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_cups_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101028_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201207-10.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_cups-101124.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2176.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_cups-101119.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-333-01.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote print service is affected by multiple vulnerabilities. File : cups_1_4_5.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
2010-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17627.nasl - Type : ACT_GATHER_INFO |
2010-11-23 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17615.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0866.nasl - Type : ACT_GATHER_INFO |
2010-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17641.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-233.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-232.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1012-1.nasl - Type : ACT_GATHER_INFO |
2010-10-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0811.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:03 |
|