Test ID:	1.3.6.1.4.1.25623.1.0.70486
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2011:1635
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2011:1635. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the lp user. (CVE-2011-2896) All users of CUPS are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. After installing this update, the cupsd daemon will be restarted automatically. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-1635.html Risk factor : Low
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2896 1025929 http://www.securitytracker.com/id?1025929 45621 http://secunia.com/advisories/45621 45900 http://secunia.com/advisories/45900 45945 http://secunia.com/advisories/45945 45948 http://secunia.com/advisories/45948 46024 http://secunia.com/advisories/46024 48236 http://secunia.com/advisories/48236 48308 http://secunia.com/advisories/48308 49148 http://www.securityfocus.com/bid/49148 50737 http://secunia.com/advisories/50737 DSA-2354 http://www.debian.org/security/2011/dsa-2354 DSA-2426 http://www.debian.org/security/2012/dsa-2426 FEDORA-2011-11173 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html FEDORA-2011-11197 http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html FEDORA-2011-11221 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html FEDORA-2011-11229 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html FEDORA-2011-11305 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html FEDORA-2011-11318 http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html GLSA-201209-23 http://security.gentoo.org/glsa/glsa-201209-23.xml MDVSA-2011:146 http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 MDVSA-2011:167 http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 RHSA-2011:1635 http://www.redhat.com/support/errata/RHSA-2011-1635.html RHSA-2012:1180 http://rhn.redhat.com/errata/RHSA-2012-1180.html RHSA-2012:1181 http://rhn.redhat.com/errata/RHSA-2012-1181.html USN-1207-1 http://www.ubuntu.com/usn/USN-1207-1 USN-1214-1 http://www.ubuntu.com/usn/USN-1214-1 [oss-security] 20110810 LZW decompression issues http://www.openwall.com/lists/oss-security/2011/08/10/10 http://cups.org/str.php?L3867 http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 https://bugzilla.redhat.com/show_bug.cgi?id=727800 https://bugzilla.redhat.com/show_bug.cgi?id=730338
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.