English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 72022 CVE Beschreibungen
und 38680 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.62912
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDVSA-2008:211 (cups)
Zusammenfassung:Mandrake Security Advisory MDVSA-2008:211 (cups)
Beschreibung:
The remote host is missing an update to cups
announced via advisory MDVSA-2008:211.

A buffer overflow in the SGI image format decoding routines used by the
CUPS image converting filter imagetops was discovered. An attacker
could create malicious SGI image files that could possibly execute
arbitrary code if the file was printed (CVE-2008-3639).

An integer overflow flaw leading to a heap buffer overflow was found
in the Text-to-PostScript texttops filter. An attacker could create
a malicious text file that could possibly execute arbitrary code if
the file was printed (CVE-2008-3640).

Finally, an insufficient buffer bounds checking flaw was found in
the HP-GL/2-to-PostScript hpgltops filter. An attacker could create
a malicious HP-GL/2 file that could possibly execute arbitrary code
if the file was printed (CVE-2008-3641).

The updated packages have been patched to prevent this issue
for
Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided
that corrects these issues and also provides other bug fixes.

Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:211

Risk factor : Critical
Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-3639
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=753
Debian Security Information: DSA-1656 (Google Search)
http://www.debian.org/security/2008/dsa-1656
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html
http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:211
http://www.redhat.com/support/errata/RHSA-2008-0937.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1
SuSE Security Announcement: SUSE-SR:2008:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
http://www.ubuntulinux.org/support/documentation/usn/usn-656-1
BugTraq ID: 31690
http://www.securityfocus.com/bid/31690
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11464
http://secunia.com/advisories/33085
http://secunia.com/advisories/33111
http://secunia.com/advisories/32331
http://www.vupen.com/english/advisories/2008/2782
http://www.vupen.com/english/advisories/2008/3401
http://www.securitytracker.com/id?1021033
http://secunia.com/advisories/32084
http://secunia.com/advisories/32226
http://secunia.com/advisories/32316
http://secunia.com/advisories/32284
http://secunia.com/advisories/32292
http://www.vupen.com/english/advisories/2009/1568
XForce ISS Database: cups-readrle16-bo(45789)
http://xforce.iss.net/xforce/xfdb/45789
Common Vulnerability Exposure (CVE) ID: CVE-2008-3640
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10266
http://www.securitytracker.com/id?1021034
XForce ISS Database: cups-writeprolog-bo(45790)
http://xforce.iss.net/xforce/xfdb/45790
Common Vulnerability Exposure (CVE) ID: CVE-2008-3641
Bugtraq: 20081010 ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/497221/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-08-067
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
BugTraq ID: 31688
http://www.securityfocus.com/bid/31688
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9666
http://www.vupen.com/english/advisories/2008/2780
http://www.securitytracker.com/id?1021031
http://secunia.com/advisories/32222
http://secunia.com/advisories/33568
XForce ISS Database: cups-hpgl-code-execution(45779)
http://xforce.iss.net/xforce/xfdb/45779
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 38680 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde | Whois

© 1998-2014 E-Soft Inc. Alle Rechte vorbehalten.