Koozali.org: home of the SME Server

CUPS

Mike O'Leary

CUPS
« on: December 20, 2002, 11:33:44 AM »
Does e-smith use the CUPS "Common Unix Printing System (CUPS)"?
If so, do the latest problems affect us in any way, and if so, will there be an update issued? See http://www.idefense.com/advisory/12.19.02.txt for more information.

Thanks
Mike

II. DESCRIPTION

Exploitation of multiple CUPS vulnerabilities allows local and remote
attackers in the worst of the scenarios to gain root privileges. The
following test platforms were used for various parts of this advisory:

[1] - Red Hat Linux 7.0 running CUPS-1.1.14-5 (RPM)
[2] - Red Hat Linux 7.3 running CUPS-1.1.14-15 (RPM)
[3] - Red Hat Linux 7.3 running CUPS-1.1.17 (Source Install)

VII. CVE INFORMATION

The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project has
assigned the following identification numbers to these issues:

CAN-2002-1383: ISSUE 1 - Multiple Integer Overflows
CAN-2002-1366: ISSUE 2 - /etc/cups/certs/ Race Condition
CAN-2002-1367: ISSUE 3 - Adding Printers with UDP Packets/
                         Root Certificate Design Flaw
CAN-2002-1368: ISSUE 4 - Negative Length Memcpy() Calls
CAN-2002-1369: ISSUE 5 - Unsafe Strncat Function Call in jobs.c
CAN-2002-1371: ISSUE 6 - Zero Width Images in filters/image-gif.c
CAN-2002-1372: ISSUE 7 - File Descriptor Resource Leaks