LinuxSecurity.com 		Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
How strictly do your users obey your security policies?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
Emily Ratliff: OS Security
DanWalsh LiveJournal
Security Bloggers Network
Latest Newsletters
Linux Security Week: November 17th, 2008
Linux Advisory Watch: November 14th, 2008
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated cups packages fix multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Dave Camp at Critical Path Software discovered a buffer overflow in CUPS 1.1.23 and earlier could allow local admin users to execute arbitrary code via a crafted URI to the CUPS service (CVE-2007-5848). The Red Hat Security Team also found two flaws in CUPS 1.1.x where a malicious user on the local subnet could send a set of carefully crafted IPP packets to the UDP port in such a way as to cause CUPS to crash (CVE-2008-0597) or consume memory and lead to a CUPS crash (CVE-2008-0596). 
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:050
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : cups
 Date    : February 26, 2008
 Affected: Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Dave Camp at Critical Path Software discovered a buffer overflow
 in CUPS 1.1.23 and earlier could allow local admin users to execute
 arbitrary code via a crafted URI to the CUPS service (CVE-2007-5848).
 
 The Red Hat Security Team also found two flaws in CUPS 1.1.x where
 a malicious user on the local subnet could send a set of carefully
 crafted IPP packets to the UDP port in such a way as to cause CUPS
 to crash (CVE-2008-0597) or consume memory and lead to a CUPS crash
 (CVE-2008-0596).
 
 Finally, another flaw was found in how CUPS handled the addition and
 removal of remote printers via IPP that could allow a remote attacker
 to send a malicious IPP packet to the UDP port causing CUPS to crash
 (CVE-2008-0882).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5848
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0596
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0597
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0886
 _______________________________________________________________________
 
 Updated Packages:
 
 Corporate 3.0:
 71c1bd1c9099440da3e9afcfe4636525  corporate/3.0/i586/cups-1.1.20-5.16.C30mdk.i586.rpm
 a73fba38dbcf62fd4c64590e5d754126  corporate/3.0/i586/cups-common-1.1.20-5.16.C30mdk.i586.rpm
 60b6e82788d5b0c51f68b0db44e31240  corporate/3.0/i586/cups-serial-1.1.20-5.16.C30mdk.i586.rpm
 419d078e2df1396531c23cbbf2f2785d  corporate/3.0/i586/libcups2-1.1.20-5.16.C30mdk.i586.rpm
 064e5b42b27c90602bf8e7c47200bef8  corporate/3.0/i586/libcups2-devel-1.1.20-5.16.C30mdk.i586.rpm 
 5c363b9a8573a4ae3da5e654da34bae5  corporate/3.0/SRPMS/cups-1.1.20-5.16.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 c33aff1c5bab9bce22f7a018f2fbfe7d  corporate/3.0/x86_64/cups-1.1.20-5.16.C30mdk.x86_64.rpm
 ba1cba41b479e332e8d43652af86756d  corporate/3.0/x86_64/cups-common-1.1.20-5.16.C30mdk.x86_64.rpm
 211561645f6743343a0a9189ecd8e24e  corporate/3.0/x86_64/cups-serial-1.1.20-5.16.C30mdk.x86_64.rpm
 d1cb2198f9b73cfb5d2ae3d69bacf12c  corporate/3.0/x86_64/lib64cups2-1.1.20-5.16.C30mdk.x86_64.rpm
 104350956cda23c2e2f5bb05a22df9c7  corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.16.C30mdk.x86_64.rpm 
 5c363b9a8573a4ae3da5e654da34bae5  corporate/3.0/SRPMS/cups-1.1.20-5.16.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
 
< Prev   Next >
    
Partner:

 
Latest Features
A Secure Nagios Server
Never Installed a Firewall on Ubuntu? Try Firestarter
Review: Hacking Exposed Linux, Third Edition
Security Features of Firefox 3.0
Review: The Book of Wireless
April 2008 Open Source Tool of the Month: sudo
Open Source Tool of March: ZoneMinder
Yesterday's Edition
Zeroshell Delivers Big Network Services in a Small Package

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
  Security Projects ,   Latest News ,  Newsletters ,  SELinux ,  Privacy ,  Home,
 Hardening ,   About Us,   Advertise,   Legal Notice,   RSS,   Guardian Digital

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.