VID |
23212 |
Severity |
40 |
Port |
631 |
Protocol |
TCP |
Class |
CUPS |
Detailed Description |
A CUPS server older than version 1.3.7 was detected running on the host. Easy Software Products' Common UNIX Printing System (CUPS) is a cross-platform printing solution for UNIX environments that is based on the Internet Printing Protocol (IPP). CUPS has a web-based graphical interface for printer management and is available on most Linux systems. CUPS version 1.3.6 and earlier versions are vulnerable to multiple buffer overflow vulnerabilities in the 'cgiCompileSearch()' function of the 'cgi-bin/search.c' file and the 'gif_read_image()' function of the 'filter/image-gif.c' file. By sending a specially crafted packet to TCP port 631, a remote attacker could exploit these vulnerabilities to execute arbitrary code on the system or cause the affected service to crash.
* Note: This check relies solely on the banner of the remote CUPS server to assess this vulnerability, so the result might be a false positive.
* References: http://www.cups.org/str.php?L2729 http://www.cups.org/str.php?L2765 http://www.cups.org/str.php?L2779 http://www.cups.org/articles.php?L537 http://www.frsirt.com/english/advisories/2008/1059 http://www.frsirt.com/english/advisories/2008/0921 http://www.frsirt.com/english/advisories/2008/0924 http://secunia.com/advisories/29431/
* Platforms Affected: Easy Software Products CUPS version 1.3.6 and earlier versions; Linux, any version; Unix, any version |
Recommendation |
Upgrade to the latest version of CUPS (1.3.7 or later), available from the CUPS Software Web site at http://www.cups.org/software.php |
Related URL |
CVE-2008-0047,CVE-2008-1373 (CVE) |
Related URL |
28307,28544 (SecurityFocus) |
Related URL |
41316,41587,41652 (ISS) |
|