Denial of Service : CUPS Empty UDP Datagram DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.15900

Categoría: Denial of Service

Título: CUPS Empty UDP Datagram DoS Vulnerability

Resumen: The target is running a CUPS server that supports browsing of network; printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing; feature can be disabled by sending an empty UDP datagram to the CUPS server.

Descripción: Summary:
The target is running a CUPS server that supports browsing of network
printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing
feature can be disabled by sending an empty UDP datagram to the CUPS server.

Solution:
Update to CUPS 1.1.21rc2 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0558
http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html
BugTraq ID: 11183
http://www.securityfocus.com/bid/11183
Conectiva Linux advisory: CLA-2004:872
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000872
Debian Security Information: DSA-545 (Google Search)
http://www.debian.org/security/2004/dsa-545
https://bugzilla.fedora.us/show_bug.cgi?id=2072
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:097
https://github.com/fibonascii/CVE-2004-0558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11732
http://www.redhat.com/support/errata/RHSA-2004-449.html
SCO Security Bulletin: SCOSA-2004.15
http://marc.info/?l=bugtraq&m=109760654431316&w=2
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1
SuSE Security Announcement: SUSE-SA:2004:031 (Google Search)
http://www.suse.com/de/security/2004_31_cups.html
http://www.trustix.org/errata/2004/0047/
XForce ISS Database: cups-udp-dos(17389)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17389

Copyright Copyright (C) 2004 George A. Theall

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.15900
Categoría:	Denial of Service
Título:	CUPS Empty UDP Datagram DoS Vulnerability
Resumen:	The target is running a CUPS server that supports browsing of network; printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing; feature can be disabled by sending an empty UDP datagram to the CUPS server.
Descripción:	Summary: The target is running a CUPS server that supports browsing of network printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing feature can be disabled by sending an empty UDP datagram to the CUPS server. Solution: Update to CUPS 1.1.21rc2 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0558 http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html BugTraq ID: 11183 http://www.securityfocus.com/bid/11183 Conectiva Linux advisory: CLA-2004:872 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000872 Debian Security Information: DSA-545 (Google Search) http://www.debian.org/security/2004/dsa-545 https://bugzilla.fedora.us/show_bug.cgi?id=2072 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:097 https://github.com/fibonascii/CVE-2004-0558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11732 http://www.redhat.com/support/errata/RHSA-2004-449.html SCO Security Bulletin: SCOSA-2004.15 http://marc.info/?l=bugtraq&m=109760654431316&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1 SuSE Security Announcement: SUSE-SA:2004:031 (Google Search) http://www.suse.com/de/security/2004_31_cups.html http://www.trustix.org/errata/2004/0047/ XForce ISS Database: cups-udp-dos(17389) https://exchange.xforce.ibmcloud.com/vulnerabilities/17389
Copyright	Copyright (C) 2004 George A. Theall