| VID |
23031 |
| Severity |
40 |
| Port |
631 |
| Protocol |
TCP |
| Class |
CUPS |
| Detailed Description |
The CUPS server is affected by multiple flaws that allow a remote attacker to shut down the server or even to remotely gain the privileges of the 'lp' user. Easy Software Products' Common Unix Printing System (CUPS) is a cross-platform printing solution for Unix environments. It is based on the Internet Printing Protocol (IPP) and provides complete printing services to most PostScript and raster printers. CUPS has a web-based graphical interface for printer management and is available on most Linux systems. Local and remote attackers can exploit various vulnerabilities in affected CUPS versions to gain 'root' or 'lp' privileges.
* Note: A crashed CUPS daemon must be restarted in order to resume normal operations. If the daemon cannot restart, check for the existence of the following files and remove them: /var/spool/cups/d00*-0* and /var/spool/cups/c00*
* CVE links related to these flaws:
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1366
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1367
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1368
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1369
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1371
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1372
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1383
    * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1384
* Platforms Affected:
    * Common Unix Printing System (CUPS) 1.1.14 through 1.1.17
    * Apple Computer Inc.
    * Debian Project
    * FreeBSD Project
    * MandrakeSoft Inc.
    * NetBSD Foundation
    * Red Hat Inc.
    * Slackware Linux Inc.
    * SuSE Inc.
    * The SCO Group
    * Turbolinux Inc. |
| Recommendation |
Upgrade to the latest version (1.1.18 or later) of CUPS, available from: http://www.cups.org/ |
| Related URL |
CVE-2002-1366 (CVE) |
| Related URL |
6435 (SecurityFocus) |
| Related URL |
10907 (ISS) |
|