| VID |
23102 |
| Severity |
40 |
| Port |
631 |
| Protocol |
TCP |
| Class |
CUPS |
| Detailed Description |
The CUPS server, according to its version number, has multiple vulnerabilities (2). Easy Software Products' Common UNIX Printing System (CUPS) is a cross-platform printing solution for UNIX environments that is based on the "Internet Printing Protocol". CUPS has a web-based graphical interface for printer management and is available on most Linux systems. CUPS versions between 1.0.4 and 1.1.22 are affected by multiple vulnerabilities, as follows:
- A remotely exploitable buffer overflow exists in the hpgltops filter that enables specially crafted HPGL files to execute arbitrary commands as the CUPS 'lp' account.
- A local user may be able to prevent anyone from changing his or her password until a temporary copy of the new password file is cleaned up (lppasswd flaw).
- A local user may be able to add arbitrary content to the password file by closing the stderr file descriptor while running lppasswd (lppasswd flaw).
- A local attacker may be able to truncate the CUPS password file, thereby denying service to valid clients using digest authentication (lppasswd flaw).
- A remote attacker, by issuing a specially crafted HTTP GET request, can cause the CUPS service to hang and consume all available CPU resources.
* Note: This check relies solely on the version number of the remote CUPS server to assess this vulnerability, so this might be a false positive.
* References:
  - http://www.cups.org/str.php?L1024
  - http://www.cups.org/str.php?L1023
  - http://www.securitytracker.com/alerts/2005/Jan/1012811.html
* Platforms Affected:
  - Easy Software Products, CUPS (Common UNIX Printing System) 1.1.22 and earlier
  - Linux Any version
  - Unix Any version |
| Recommendation |
Upgrade to the latest version of CUPS (1.1.23 or later), available from the CUPS Software Web site at http://www.cups.org/software.php |
| Related URL |
CVE-2004-1267,CVE-2004-1268,CVE-2004-1269,CVE-2004-1270 (CVE) |
| Related URL |
11968,12004,12005,12007,12200 (SecurityFocus) |
| Related URL |
18604,18606,18608,18609,18804 (ISS) |
|