Executive Summary
Summary | |
---|---|
Title | CUPS vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-50-1 | First vendor Publication | 2004-12-23 |
Vendor | Ubuntu | Last vendor Modification | 2004-12-23 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: cupsys cupsys-client libcupsimage2 The problem can be corrected by upgrading the affected package to version 1.1.20final+cvs20040330-4ubuntu16.3. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: CAN-2004-1125: The recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS In this case it could even lead to privilege escalation: if an Please note that the Ubuntu version of CUPS runs as a minimally CAN-2004-1267: Ariel Berkman discovered a buffer overflow in the ParseCommand() CAN-2004-1268, CAN-2004-1269, CAN-2004-1270: Bartlomiej Sieka discovered three flaws in lppasswd. These allowed |
Original Source
Url : http://www.ubuntu.com/usn/USN-50-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10398 | |||
Oval ID: | oval:org.mitre.oval:def:10398 | ||
Title: | lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. | ||
Description: | lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1268 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10620 | |||
Oval ID: | oval:org.mitre.oval:def:10620 | ||
Title: | Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | ||
Description: | Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1267 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10830 | |||
Oval ID: | oval:org.mitre.oval:def:10830 | ||
Title: | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. | ||
Description: | Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1125 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11507 | |||
Oval ID: | oval:org.mitre.oval:def:11507 | ||
Title: | lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | ||
Description: | lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1270 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9545 | |||
Oval ID: | oval:org.mitre.oval:def:9545 | ||
Title: | lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | ||
Description: | lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1269 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Cups File : nvt/sles9p5020714.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200412-24 (Xpdf) File : nvt/glsa_200412_24.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200412-25 (CUPS) File : nvt/glsa_200412_25.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-13 (pdftohtml) File : nvt/glsa_200501_13.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-17 (kpdf, koffice) File : nvt/glsa_200501_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-31 (teTeX) File : nvt/glsa_200501_31.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-base, fr-cups-base File : nvt/freebsd_cups-base0.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-lpr, fr-cups-lpr File : nvt/freebsd_cups-lpr.nasl |
2008-09-04 | Name : FreeBSD Ports: xpdf File : nvt/freebsd_xpdf0.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 619-1 (xpdf) File : nvt/deb_619_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 621-1 (cupsys) File : nvt/deb_621_1.nasl |
2005-11-03 | Name : CUPS < 1.1.23 Multiple Vulnerabilities File : nvt/cups_multiple_vulnerabilities.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12554 | Multiple Vendor pdf Gfx::doImage() Function Overflow |
12454 | CUPS lppasswd passwd.new Arbitrary Append |
12453 | CUPS lppasswd passwd.new File Limit DoS |
12439 | CUPS ParseCommand() Function HPGL File Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-354.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-50-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-48-1.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_40a3bca2680911d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7850a238680a11d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e3e266e9547311d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-04-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-354.nasl - Type : ACT_GATHER_INFO |
2005-03-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-026.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-066.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-057.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-053.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-034.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-31.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-17.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-13.nasl - Type : ACT_GATHER_INFO |
2005-01-18 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-008.nasl - Type : ACT_GATHER_INFO |
2005-01-13 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-018.nasl - Type : ACT_GATHER_INFO |
2005-01-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-013.nasl - Type : ACT_GATHER_INFO |
2005-01-12 | Name : The remote print service is affected by multiple vulnerabilities. File : cups_multiple_vulnerabilities.nasl - Type : ACT_GATHER_INFO |
2005-01-04 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-585.nasl - Type : ACT_GATHER_INFO |
2005-01-04 | Name : The remote Fedora Core host is missing one or more security updates. File : fedora_2004-584.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-162.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-163.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-164.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-165.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-166.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-161.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-621.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-619.nasl - Type : ACT_GATHER_INFO |
2004-12-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200412-24.nasl - Type : ACT_GATHER_INFO |
2004-12-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200412-25.nasl - Type : ACT_GATHER_INFO |
2004-12-27 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-575.nasl - Type : ACT_GATHER_INFO |
2004-12-27 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-574.nasl - Type : ACT_GATHER_INFO |
2004-12-27 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-573.nasl - Type : ACT_GATHER_INFO |
2004-12-27 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-572.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:04:33 |
|
2013-05-11 12:25:59 |
|