Vulnerabilities > CVE-2007-5849 - Numeric Errors vulnerability in Easy Software products Cups

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
apple
easy-software-products
CWE-189
critical
nessus
exploit available

Summary

Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionCommon UNIX Printing System 1.2/1.3 SNMP 'asn1_get_string()' Remote Buffer Overflow Vulnerability. CVE-2007-5849. Dos exploit for linux platform
idEDB-ID:30898
last seen2016-02-03
modified2007-11-06
published2007-11-06
reporterwei_wang
sourcehttps://www.exploit-db.com/download/30898/
titleCommon UNIX Printing System 1.2/1.3 SNMP 'asn1_get_string' Remote Buffer Overflow Vulnerability

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2007-009.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2007-009 applied. This update contains several security fixes for a large number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id29723
    published2007-12-18
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29723
    titleMac OS X Multiple Vulnerabilities (Security Update 2007-009)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29723);
      script_version("1.27");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id("CVE-2006-0024", "CVE-2007-1218", "CVE-2007-1659", "CVE-2007-1660", "CVE-2007-1661",
                    "CVE-2007-1662", "CVE-2007-3798", "CVE-2007-3876", "CVE-2007-4131", "CVE-2007-4351",
                    "CVE-2007-4572", "CVE-2007-4708", "CVE-2007-4709", "CVE-2007-4710", "CVE-2007-4766",
                    "CVE-2007-4767", "CVE-2007-4768", "CVE-2007-4965", "CVE-2007-5116", "CVE-2007-5379",
                    "CVE-2007-5380", "CVE-2007-5398", "CVE-2007-5476", "CVE-2007-5770", "CVE-2007-5847",
                    "CVE-2007-5848", "CVE-2007-5849", "CVE-2007-5850", "CVE-2007-5851", "CVE-2007-5853",
                    "CVE-2007-5854", "CVE-2007-5855", "CVE-2007-5856", "CVE-2007-5857", "CVE-2007-5858",
                    "CVE-2007-5859", "CVE-2007-5860", "CVE-2007-5861", "CVE-2007-5863", "CVE-2007-6077",
                    "CVE-2007-6165");
      script_bugtraq_id(17106, 22772, 24965, 25417, 25696, 26096, 26268, 26274, 26346,
                        26350, 26421, 26454, 26455, 26510, 26598, 26908, 26910, 26926);
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2007-009)");
      script_summary(english:"Check for the presence of Security Update 2007-009");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues.");
      script_set_attribute(attribute:"description", value:
    "The remote host is running a version of Mac OS X 10.5 or 10.4 that does
    not have Security Update 2007-009 applied. 
    
    This update contains several security fixes for a large number of
    programs.");
      script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=307179");
      script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html");
      script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/advisories/13649");
      script_set_attribute(attribute:"solution", value:"Install Security Update 2007-009.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Mail.app Image Attachment Command Execution');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_cwe_id(16, 20, 22, 79, 119, 134, 189, 200, 264, 287, 310, 362, 399);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/18");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
      exit(0);
    }
    
    
    uname = get_kb_item("Host/uname");
    if ( ! uname ) exit(0);
    if ( egrep(pattern:"Darwin.* (8\.[0-9]\.|8\.1[01]\.)", string:uname) )
    {
      packages = get_kb_item("Host/MacOSX/packages");
      if ( ! packages ) exit(0);
      if (!egrep(pattern:"^SecUpd(Srvr)?(2007-009|200[89]-|20[1-9][0-9]-)", string:packages))
        security_hole(0);
    }
    else if ( egrep(pattern:"Darwin.* (9\.[01]\.)", string:uname) )
    {
     packages = get_kb_item("Host/MacOSX/packages/boms");
     if ( ! packages ) exit(0);
     if ( !egrep(pattern:"^com\.apple\.pkg\.update\.security\.2007\.009\.bom", string:packages) )
    	security_hole(0);
    }
    
  • NASL familyMisc.
    NASL idCUPS_1_3_5.NASL
    descriptionAccording to its banner, the version of CUPS installed on the remote host contains a stack-based integer overflow in
    last seen2020-06-01
    modified2020-06-02
    plugin id29727
    published2007-12-19
    reporterThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29727
    titleCUPS SNMP Back End (backend/snmp.c) asn1_get_string Function Crafted SNMP Response Remote Overflow
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29727);
      script_version("1.28");
      script_cvs_date("Date: 2018/11/15 20:50:23");
    
      script_cve_id("CVE-2007-5849");
      script_bugtraq_id(26917);
    
      script_name(english:"CUPS SNMP Back End (backend/snmp.c) asn1_get_string Function Crafted SNMP Response Remote Overflow");
      script_summary(english:"Checks the CUPS server version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote printer service is affected by a buffer overflow
    vulnerability.");
      script_set_attribute(attribute:"description", value:
    "According to its banner, the version of CUPS installed on the remote
    host contains a stack-based integer overflow in 'asn1_get_string' in
    'backend/snmp.c'. Provided the SNMP backend is configured in CUPS
    (true by default in CUPS 1.2 but not 1.3), an attacker may be able to
    exploit this issue by using specially crafted SNMP responses with
    negative lengths to overflow a buffer and execute arbitrary code on
    the affected system.");
      script_set_attribute(attribute:"see_also", value:"http://www.cups.org/str.php?L2589");
      # http://www.cups.org/articles.php?L519 (this original link is now 404)
      # https://web.archive.org/web/20071222085434/http://www.cups.org:80/articles.php?L519
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?785685d5");
      script_set_attribute(attribute:"solution", value:"Upgrade to CUPS version 1.3.5 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/11/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/19");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:cups");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
    
      script_dependencies("http_version.nasl");
      script_require_ports("Services/www", 631);
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    
    port = get_http_port(default:631, embedded:TRUE);
    
    banner = get_http_banner(port:port, exit_on_fail: 1);
    
    # Get the version.
    source = "";
    version = "";
    
    #   - try the Server response header.
    server = chomp(egrep(string: banner, pattern: "^Server:"));
    if (server)
    {
      if ("CUPS" >!< server) audit(AUDIT_NOT_LISTEN, "CUPS", port);
    
      set_kb_item(name:"www/"+port+"/cups/running", value:TRUE);
      v = eregmatch(string: server, pattern: "CUPS/([0-9][^ ]*)");
      if (!isnull(v))
      {
        version = v[1];
        source = server;
      }
    }
    
    #   - look in the title if ServerTokens is 'ProductOnly', 'Major', or 'Minor'.
    if (!version || ereg(pattern:"^[0-9]+(\.[0-9]+)?$", string:version))
    {
      res = tolower(http_get_cache(port:port, item:'/', exit_on_fail:TRUE));
    
      # Check for a few strings to make sure it's CUPS if there's no Server response header.
      if (!server)
      {
        if (
          (
            '<title>home - cups' >< res ||
            '</a> cups is copyright '  >< res ||
            '</a>. cups is copyright '  >< res ||
            '<td class="trailer">cups and the cups logo are trademarks ' >< res ||
            '<small>the common unix printing sytem, cups, and the cups logo are the trademark ' >< res
          ) &&
          (
            '<link rel="shortcut icon" href="/images/cups-icon.png"' >< res ||
            '<td class="unsel"><a href="/jobs">' >< res ||
            '<a class="unsel" href="/jobs">' >< res ||
            '<a href="/admin?op=add-printer">' >< res
          )
        ) set_kb_item(name:"www/"+port+"/cups/running", value:TRUE);
        else audit(AUDIT_NOT_LISTEN, "CUPS", port);
      }
    
      pat = "<title>.*cups v?([0-9.rcb]+).*</title>";
      matches = egrep(pattern:pat, string:res);
      if (matches)
      {
        foreach match (split(matches, keep:FALSE))
        {
          item = eregmatch(pattern:pat, string:match);
          if (!isnull(item))
          {
            version = item[1];
            source = match;
            break;
          }
        }
      }
    }
    if (!version) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, "CUPS", port);
    
    set_kb_item(name:"www/cups", value:TRUE);
    set_kb_item(name:"cups/"+port+"/version", value:version);
    set_kb_item(name:"cups/"+port+"/source", value:source);
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    # nb: STR #2589 says 1.1 is not affected.
    if (
      version =~ "^1\.(2|3\.[0-4])($|[^0-9])" ||
      version =~ "^1\.3(rc|b)"
    )
    {
      if (report_verbosity > 0)
      {
        report = '\n  Version source    : ' + source +
                 '\n  Installed version : ' + version +
                 '\n  Fixed version     : 1.3.5' + 
                 '\n';
    
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
      exit(0);
    }
    else if (version =~ "^(1|1\.3)($|[^0-9.])") audit(AUDIT_VER_NOT_GRANULAR, "CUPS", port, version);
    else audit(AUDIT_LISTEN_NOT_VULN, "CUPS", port, version);
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1437.NASL
    descriptionSeveral local vulnerabilities have been discovered in the Common UNIX Printing System. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-5849 Wei Wang discovered that an buffer overflow in the SNMP backend may lead to the execution of arbitrary code. - CVE-2007-6358 Elias Pipping discovered that insecure handling of a temporary file in the pdftops.pl script may lead to local denial of service. This vulnerability is not exploitable in the default configuration.
    last seen2020-06-01
    modified2020-06-02
    plugin id29803
    published2007-12-27
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/29803
    titleDebian DSA-1437-1 : cupsys - several vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1437. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29803);
      script_version("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:20");
    
      script_cve_id("CVE-2007-5849", "CVE-2007-6358");
      script_xref(name:"DSA", value:"1437");
    
      script_name(english:"Debian DSA-1437-1 : cupsys - several vulnerabilities");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several local vulnerabilities have been discovered in the Common UNIX
    Printing System. The Common Vulnerabilities and Exposures project
    identifies the following problems :
    
      - CVE-2007-5849
        Wei Wang discovered that an buffer overflow in the SNMP
        backend may lead to the execution of arbitrary code.
    
      - CVE-2007-6358
        Elias Pipping discovered that insecure handling of a
        temporary file in the pdftops.pl script may lead to
        local denial of service. This vulnerability is not
        exploitable in the default configuration."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2007-5849"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2007-6358"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2007-5849"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2007/dsa-1437"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the cupsys packages.
    
    The old stable distribution (sarge) is not affected by CVE-2007-5849.
    The other issue doesn't warrant an update on it's own and has been
    postponed.
    
    For the stable distribution (etch), these problems have been fixed in
    version 1.2.7-4etch2."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:cupsys");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"4.0", prefix:"cupsys", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"cupsys-bsd", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"cupsys-client", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"cupsys-common", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"cupsys-dbg", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"libcupsimage2", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"libcupsimage2-dev", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"libcupsys2", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"libcupsys2-dev", reference:"1.2.7-4etch2")) flag++;
    if (deb_check(release:"4.0", prefix:"libcupsys2-gnutls10", reference:"1.2.7-4etch2")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200712-14.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200712-14 (CUPS: Multiple vulnerabilities) Wei Wang (McAfee AVERT Research) discovered an integer underflow in the asn1_get_string() function of the SNMP backend, leading to a stack-based buffer overflow when handling SNMP responses (CVE-2007-5849). Elias Pipping (Gentoo) discovered that the alternate pdftops filter creates temporary files with predictable file names when reading from standard input (CVE-2007-6358). Furthermore, the resolution of a Denial of Service vulnerability covered in GLSA 200703-28 introduced another Denial of Service vulnerability within SSL handling (CVE-2007-4045). Impact : A remote attacker on the local network could exploit the first vulnerability to execute arbitrary code with elevated privileges by sending specially crafted SNMP messages as a response to an SNMP broadcast request. A local attacker could exploit the second vulnerability to overwrite arbitrary files with the privileges of the user running the CUPS spooler (usually lp) by using symlink attacks. A remote attacker could cause a Denial of Service condition via the third vulnerability when SSL is enabled in CUPS. Workaround : To disable SNMP support in CUPS, you have have to manually delete the file
    last seen2020-06-01
    modified2020-06-02
    plugin id29734
    published2007-12-19
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/29734
    titleGLSA-200712-14 : CUPS: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200712-14.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29734);
      script_version("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:44");
    
      script_cve_id("CVE-2007-4045", "CVE-2007-5849", "CVE-2007-6358");
      script_xref(name:"GLSA", value:"200712-14");
    
      script_name(english:"GLSA-200712-14 : CUPS: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200712-14
    (CUPS: Multiple vulnerabilities)
    
        Wei Wang (McAfee AVERT Research) discovered an integer underflow in the
        asn1_get_string() function of the SNMP backend, leading to a
        stack-based buffer overflow when handling SNMP responses
        (CVE-2007-5849). Elias Pipping (Gentoo) discovered that the alternate
        pdftops filter creates temporary files with predictable file names when
        reading from standard input (CVE-2007-6358). Furthermore, the
        resolution of a Denial of Service vulnerability covered in GLSA
        200703-28 introduced another Denial of Service vulnerability within SSL
        handling (CVE-2007-4045).
      
    Impact :
    
        A remote attacker on the local network could exploit the first
        vulnerability to execute arbitrary code with elevated privileges by
        sending specially crafted SNMP messages as a response to an SNMP
        broadcast request. A local attacker could exploit the second
        vulnerability to overwrite arbitrary files with the privileges of the
        user running the CUPS spooler (usually lp) by using symlink attacks. A
        remote attacker could cause a Denial of Service condition via the third
        vulnerability when SSL is enabled in CUPS.
      
    Workaround :
    
        To disable SNMP support in CUPS, you have have to manually delete the
        file '/usr/libexec/cups/backend/snmp'. Please note that the file is
        reinstalled if you merge CUPS again later. To disable the pdftops
        filter, delete all lines referencing 'pdftops' in CUPS' 'mime.convs'
        configuration file. To work around the third vulnerability, disable SSL
        support via the corresponding USE flag."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200703-28"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200712-14"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All CUPS users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=net-print/cups-1.2.12-r4'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:cups");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/12/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"net-print/cups", unaffected:make_list("rge 1.2.12-r4", "ge 1.3.5"), vulnerable:make_list("lt 1.3.5"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "CUPS");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-036.NASL
    descriptionWei Wang found that the SNMP discovery backend in CUPS did not correctly calculate the length of strings. If a user could be tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code (CVE-2007-5849). As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another denial of service regression within SSL handling (CVE-2007-4045). The updated packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id37571
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37571
    titleMandriva Linux Security Advisory : cups (MDVSA-2008:036)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2008:036. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(37571);
      script_version ("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:50");
    
      script_cve_id("CVE-2007-4045", "CVE-2007-5849");
      script_xref(name:"MDVSA", value:"2008:036");
    
      script_name(english:"Mandriva Linux Security Advisory : cups (MDVSA-2008:036)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Wei Wang found that the SNMP discovery backend in CUPS did not
    correctly calculate the length of strings. If a user could be tricked
    into scanning for printers, a remote attacker could send a specially
    crafted packet and possibly execute arbitrary code (CVE-2007-5849).
    
    As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another
    denial of service regression within SSL handling (CVE-2007-4045).
    
    The updated packages have been patched to correct these issues."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups-serial");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cups2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cups2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libcups2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libcups2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cups");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/02/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2007.0", reference:"cups-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"cups-common-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"cups-serial-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64cups2-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", cpu:"x86_64", reference:"lib64cups2-devel-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libcups2-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"libcups2-devel-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"php-cups-1.2.4-1.6mdv2007.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2007.1", reference:"cups-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"cups-common-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"cups-serial-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64cups2-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"x86_64", reference:"lib64cups2-devel-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libcups2-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"libcups2-devel-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.1", reference:"php-cups-1.2.10-2.4mdv2007.1", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2008.0", reference:"cups-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"cups-common-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"cups-serial-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64cups2-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64cups2-devel-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libcups2-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libcups2-devel-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2008.0", reference:"php-cups-1.3.0-3.4mdv2008.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-11 (AMD64 x86 emulation base libraries: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in AMD64 x86 emulation base libraries. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code, cause a Denial of Service condition, or obtain sensitive information. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id79964
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79964
    titleGLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201412-11.
    #
    # The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(79964);
      script_version("1.10");
      script_cvs_date("Date: 2019/11/12");
    
      script_cve_id("CVE-2007-0720", "CVE-2007-1536", "CVE-2007-2026", "CVE-2007-2445", "CVE-2007-2741", "CVE-2007-3108", "CVE-2007-4995", "CVE-2007-5116", "CVE-2007-5135", "CVE-2007-5266", "CVE-2007-5268", "CVE-2007-5269", "CVE-2007-5849", "CVE-2010-1205", "CVE-2013-0338", "CVE-2013-0339", "CVE-2013-1664", "CVE-2013-1969", "CVE-2013-2877", "CVE-2014-0160");
      script_bugtraq_id(41174, 58180, 58892, 59000, 59265, 61050, 66690);
      script_xref(name:"GLSA", value:"201412-11");
    
      script_name(english:"GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201412-11
    (AMD64 x86 emulation base libraries: Multiple vulnerabilities)
    
        Multiple vulnerabilities have been discovered in AMD64 x86 emulation
          base libraries. Please review the CVE identifiers referenced below for
          details.
      
    Impact :
    
        A context-dependent attacker may be able to execute arbitrary code,
          cause a Denial of Service condition, or obtain sensitive information.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201412-11"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All users of the AMD64 x86 emulation base libraries should upgrade to
          the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose
          '>=app-emulation/emul-linux-x86-baselibs-20140406-r1'
        NOTE: One or more of the issues described in this advisory have been
          fixed in previous updates. They are included in this advisory for the
          sake of completeness. It is likely that your system is already no longer
          affected by them."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(20, 119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:emul-linux-x86-baselibs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/13");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/12/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/12/15");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-emulation/emul-linux-x86-baselibs", unaffected:make_list("ge 20140406-r1"), vulnerable:make_list("lt 20140406-r1"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "AMD64 x86 emulation base libraries");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_CUPS-4806.NASL
    descriptionThis update fixes a buffer overflow that can be exploited by users that are allowed to configure CUPS. (CVE-2007-5848) Additionally a buffer overflow in the SNMP backend of CUPS was fixed that allowed remote attackers to execute arbitrary code by sending specially crafted SNMP responses. (CVE-2007-5849) This vulnerability affects 10.2 and 10.3 only.
    last seen2020-06-01
    modified2020-06-02
    plugin id29914
    published2008-01-10
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29914
    titleopenSUSE 10 Security Update : cups (cups-4806)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-563-1.NASL
    descriptionWei Wang discovered that the SNMP discovery backend did not correctly calculate the length of strings. If a user were tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code. Elias Pipping discovered that temporary files were not handled safely in certain situations when converting PDF to PS. A local attacker could cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id29919
    published2008-01-10
    reporterUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/29919
    titleUbuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : cupsys vulnerabilities (USN-563-1)

Seebug

  • bulletinFamilyexploit
    descriptionCVE-2007-4708 CVE-2007-4709 CVE-2007-4710 CVE-2007-5847 CVE-2007-5848 CVE-2007-5849 CVE-2007-5850 CVE-2007-5851 CVE-2007-5853 CVE-2007-5854 CVE-2007-5855 CVE-2007-5856 CVE-2007-5857 CVE-2007-5859 CVE-2007-5876 CVE-2007-5860 CVE-2007-5861 These issues affect Mac OS X and various applications, including Address Book, CFNetwork, ColorSync, CoreFoundation, CUPS, Desktop Services, iChat, IO Storage Family, Launch Services, Mail, Quick Look, Safari, Safari RSS, SMB, Software Update, Spin Tracer, Spotlight, tcpdump, and XQuery. Attackers may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and potentially compromise vulnerable computers. Apple Mac OS X 10.5.1 and prior versions are vulnerable to these issues. rPath rPath Linux 1 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.4.11 Apple Mac OS X Server 10.4.10 Apple Mac OS X Server 10.4.9 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X Server 10.5 Apple Mac OS X 10.5.1 Apple Mac OS X 10.4.11 Apple Mac OS X 10.4.10 Apple Mac OS X 10.4.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 Apple Mac OS X 10.5 Apple Mac OS X Server 10.4.11 Apple Security Update 2007-009 (10.4.11 PPC) <a href=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat= target=_blank>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat=</a> 1&amp;platform=osx&amp;method=sa/SecUpd2007-009Univ.dmg Apple Security Update 2007-009 (10.4.11 Universal) <a href=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat= target=_blank>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat=</a> 1&amp;platform=osx&amp;method=sa/SecUpd2007-009Univ.dmg Apple Mac OS X 10.4.11 Apple Security Update 2007-009 (10.4.11 PPC) <a href=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat= target=_blank>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat=</a> 1&amp;platform=osx&amp;method=sa/SecUpd2007-009Univ.dmg Apple Security Update 2007-009 (10.4.11 Universal) <a href=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat= target=_blank>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16521&amp;cat=</a> 1&amp;platform=osx&amp;method=sa/SecUpd2007-009Univ.dmg Apple Mac OS X Server 10.5.1 Apple Security Update 2007-009 (10.5.1) <a href=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16527&amp;cat= target=_blank>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16527&amp;cat=</a> 1&amp;platform=osx&amp;method=sa/SecUpd2007-009.dmg Apple Mac OS X 10.5.1 Apple Security Update 2007-009 (10.5.1) <a href=http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16527&amp;cat= target=_blank>http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16527&amp;cat=</a> 1&amp;platform=osx&amp;method=sa/SecUpd2007-009.dmg
    idSSV:2771
    last seen2017-11-19
    modified2008-01-06
    published2008-01-06
    reporterRoot
    titleApple Mac OS X v10.5.1 2007-009 Multiple Security Vulnerabilities
  • bulletinFamilyexploit
    descriptionBUGTRAQ ID: 26917 CVE(CAN) ID: CVE-2007-5849 Common Unix Printing System (CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。 CUPS处理包含畸形数据的SNMP请求时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 CUPS的backend/snmp.c文件中的asn1_get_string()函数存在符号错误。当后端SNMP程序广播SNMP请求发现网络打印服务器时,攻击者可以回复畸形的SNMP请求,后端SNMP程序处理包含有负值asn1编码字符串的SNMP响应时就会触发栈溢出,导致拒绝服务或执行任意指令。 Apple CUPS &lt;= 1.3.4 Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.cups.org/strfiles/2589/str2589.patch target=_blank>http://www.cups.org/strfiles/2589/str2589.patch</a> Debian ------ Debian已经为此发布了一个安全公告(DSA-1437-1)以及相应补丁: DSA-1437-1:New cupsys packages fix several vulnerabilities 链接:<a href=http://www.debian.org/security/2007/dsa-1437 target=_blank>http://www.debian.org/security/2007/dsa-1437</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.dsc target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.dsc</a> Size/MD5 checksum: 1084 7eda7d3797d141d174e163f837cd91b4 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz</a> Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.diff.gz target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2.diff.gz</a> Size/MD5 checksum: 103089 a856a1ff975042783cb87f23d15e5b3a Architecture independent packages: <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch2_all.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch2_all.deb</a> Size/MD5 checksum: 45246 3216cd80859aa97b7c8c5774b2462db2 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch2_all.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch2_all.deb</a> Size/MD5 checksum: 893020 28b90e7e58400b9216f72cecf7de0d4a alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 1096542 686386cd43230708d49cea4af0d57b9f <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 94468 32d1efdef788039ac00ed1e57a6fcc47 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 1608840 d042363f0999e1f11939e3f5e8de8b38 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 72432 5e43d1208715258c4ff09dcee0fa4081 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 86284 dca9ccc53cb8fcf7b8e1a44b8e76a6ad <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 184372 cb6c4f2c2a08ccc55c25c35d039fe400 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 39260 cdfc7a39f71c1aed6973a2956cf8749d <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_alpha.deb</a> Size/MD5 checksum: 174608 e2c1ebf86bfc9f538a640c8ea385330f amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 142552 60167bc344afbaa54904b295c78def9c <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 36366 3feca5f614aca7d527b1beba01462f6e <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 161666 65ebf0f70d842eeb8adc309946357b4d <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 85314 0be1f821b4880c7a4b83cd7779edbce4 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 80704 26db3ea2f4aee728ead9ffba2686b827 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 1574360 3a1e7f5f6a8766a1f89aa65fc47c5d72 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 52862 3e8caecdc231fcded29f0029b76019a8 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_amd64.deb</a> Size/MD5 checksum: 1085694 235f96f3c07947ab11cd4222490441f0 arm architecture (ARM) <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 48532 08ce8a9c2d9edf30a381ddc34073c397 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 1025036 c3165815ab4292c0b200176c4c0ad7d6 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 35924 02c6ebde8deb0fcb39074deb5895b95b <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 78912 33627a4c4e1dd3b4001f165cfda64259 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 132054 c4e04d8fb763e599931f3cb0207d84cb <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 154314 0dcbd01293a5a0925af776bc0d6490fa <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 84494 66ff0b8a8b07d0faddee758806e044be <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_arm.deb</a> Size/MD5 checksum: 1568356 725c88c2ac3737a0a323e82a5877f8f9 hppa architecture (HP PA RISC) <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 39264 528456372ac16c6dc257d2672a24cc84 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 85260 60da86a4e6b72d49f3c405cda6eaaa33 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 90316 7d7093a9bca7c6ee4a190eaea715cf1f <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 57026 7e78c5bf532b9761b6ebc290c4c24b94 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 171548 37bfd1849d459be20f5df6da4d0e8f19 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 1611932 3a3e91d8c878c6ec42a99d1bfacbafac <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 154600 fc87ba725d54223245d9cb71777307a7 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_hppa.deb</a> Size/MD5 checksum: 1031728 cdcfb63a3a2200f4ca36aa0d530c32d9 i386 architecture (Intel ia32) <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 53068 e28d98e95a5e543991b996e84d028863 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 138280 28df76637f6b23d98ec81f6a7bf2b6ba <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 159796 fa2db05d879ce293041be45683febe8b <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 1547840 6d7396410919ae7207d3d9aadfb5026f <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 79880 c392020f91e2901d4122ef6a1fa08fed <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 85778 a11291b1a834d42ba160fb8d92db0c3a <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 997490 0d91574ed291678037351dd0a32f445f <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_i386.deb</a> Size/MD5 checksum: 36476 ee84ce1774c646915ba410dadcda3470 ia64 architecture (Intel ia64) <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 1107194 dc683bec9dcfffc4a1e020b2859e1fab <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 106228 db41cfc57bf2d43da703285f9790344c <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 46332 f52d7a07c6acf6613da1ae43f64b8ef7 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 203378 9da06426a99702d4485b528d542b666d <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 105872 cd243300f6b804b2501e5681401c574e <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 73934 b3618bd2d5b1de8371ea56301312ef3a <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 192368 35aba3be08e6a72b54617bb666b12d4c <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_ia64.deb</a> Size/MD5 checksum: 1769808 8d0ab1028149cabd9d946c44cf4d4f86 mips architecture (MIPS (Big Endian)) <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 77158 5302b4e5edb3d0d7733481eaabdbddcf <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 85874 d6beacabf8db05137b4c4357ea7557e9 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 157884 d0f4ed5d1da24041179f9f2697f2ffcb <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 1096124 feea35b2ae01af3b06ee3ce8a854324e <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 35968 0bb0b6c1018c466326b6406de4af093e <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 150766 ff55f24b0b36722265644252857d8b5c <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 1550792 97167182293fc8400cb9fefffc3670e7 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mips.deb</a> Size/MD5 checksum: 57384 b2473f40bde45105c0bdec916ff93cdb mipsel architecture (MIPS (Little Endian)) <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 86054 f78f586a8f15727e28c67bca58caaa26 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 1552410 94190014545b85b403a21e97d9901776 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 157716 e0bd0f1e90b1124b1441bc1f313a7764 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 1083814 a5968478d72e11f19d4e019d3095e51f <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 36068 363ff5b0694c2fef407a92dea1ba1c4e <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 77458 db7144590602bf3cf25cba5fdce485a8 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 57700 04626a4cb44728ea61bcb7f8d8ddc1ed <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_mipsel.deb</a> Size/MD5 checksum: 150902 f3cb4f6ca36503d7b70aab6d559199d2 powerpc architecture (PowerPC) <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 51792 e89680c8a9b4851ebb5ad0d304e6bbb7 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 90002 ce367709844a87951f810524aadfea4c <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 136864 0aabc007ab84b86a77f6c601ba8d44fd <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 87576 f18bba76c873a6238e78a80182c0cd38 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 1575144 506c85d9a8b03be737ccb8dd3fd31248 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 1141712 b6ab866de7c8c6f2051c2a813003a722 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 162358 08096969b7e8ef48d2ece9a86600004a <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_powerpc.deb</a> Size/MD5 checksum: 41290 b7eb0528a3b1b8bd07247fd9e16b76c2 s390 architecture (IBM S/390) <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 1586292 01001ec68f5ff6a090ebff3099265be0 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 1035680 081c5ca040751dc4ec59d2a83289099c <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 86854 5011337fee7f4dcfb62a6c95f7054e98 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 37422 731fb2009fa3cf47e270c35348d2e3e4 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 82338 4f93e2f975642addd238eecf78a94779 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 165816 c69411004d08763f1b86a5d517592fc7 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 144946 74bca185776b08ac50a9abcc17019e68 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_s390.deb</a> Size/MD5 checksum: 52260 1324db10b3374beb81b98032ba92e2b8 sparc architecture (Sun SPARC/UltraSPARC) <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 51580 6052b09bd8c4cb9600156b24f185122a <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 139570 2aa5b4d2d64849aa048489332f7e3aca <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 1561428 59199c965cba64d0aaf9a2de6c3432b6 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 84282 edec6a1d4af9df91f2d2b5c20553dbe9 <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 990474 e276a14d21a6d7661c91c3420c96e142 <a href=http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 158256 d43c9657a710bb5969e704208502f59f <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 78514 32c106b3332c95dd0f24d6cf5d208add <a href=http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch2_sparc.deb</a> Size/MD5 checksum: 36020 751c12e8f83f04b5fd54d4a23abdf6fc 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade Gentoo ------ Gentoo已经为此发布了一个安全公告(GLSA-200712-14)以及相应补丁: GLSA-200712-14:CUPS: Multiple vulnerabilities 链接:<a href=http://security.gentoo.org/glsa/glsa-200712-14.xml target=_blank>http://security.gentoo.org/glsa/glsa-200712-14.xml</a> 所有CUPS用户都应升级到最新版本: # emerge --sync # emerge --ask --oneshot --verbose &quot;&gt;=net-print/cups-1.2.12-r4&quot;
    idSSV:2766
    last seen2017-11-19
    modified2008-01-04
    published2008-01-04
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-2766
    titleCUPS SNMP后端asn1_get_string()函数远程栈溢出漏洞

Statements

contributorJoshua Bressers
lastmodified2008-01-02
organizationRed Hat
statementNot vulnerable. This flaw does not affect the version of CUPS shipped in Red Hat Enterprise Linux 3 or 4. After a detailed analysis of this flaw, it has been determined it does not pose a security threat on Red Hat Enterprise Linux 5. For more details regarding this analysis, please see: https://bugzilla.redhat.com/show_bug.cgi?id=415131