Red Hat Local Security Checks : RedHat Security Advisory RHSA-2004:449

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51169

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2004:449

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2004:449.

The Common UNIX Printing System (CUPS) is a print spooler.

Alvaro Martinez Echevarria reported a bug in the CUPS Internet Printing
Protocol (IPP) implementation in versions of CUPS prior to 1.1.21. An
attacker could send a carefully crafted UDP packet to the IPP port which
could cause CUPS to stop listening to the port and result in a denial of
service. In order to exploit this bug, an attacker would need to have the
ability to send a UDP packet to the IPP port (by default 631). The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CVE-2004-0558 to this issue.

All users of cups should upgrade to these updated packages, which contain a
backported patch as well as a fix for a non-exploitable off-by-one bug.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2004-449.html
http://www.cups.org/str.php?L863

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 11183
Common Vulnerability Exposure (CVE) ID: CVE-2004-0558
http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html
http://www.securityfocus.com/bid/11183
Conectiva Linux advisory: CLA-2004:872
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000872
Debian Security Information: DSA-545 (Google Search)
http://www.debian.org/security/2004/dsa-545
https://bugzilla.fedora.us/show_bug.cgi?id=2072
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:097
https://github.com/fibonascii/CVE-2004-0558
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11732
http://www.redhat.com/support/errata/RHSA-2004-449.html
SCO Security Bulletin: SCOSA-2004.15
http://marc.info/?l=bugtraq&m=109760654431316&w=2
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1
SuSE Security Announcement: SUSE-SA:2004:031 (Google Search)
http://www.suse.com/de/security/2004_31_cups.html
http://www.trustix.org/errata/2004/0047/
XForce ISS Database: cups-udp-dos(17389)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17389

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51169
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2004:449
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2004:449. The Common UNIX Printing System (CUPS) is a print spooler. Alvaro Martinez Echevarria reported a bug in the CUPS Internet Printing Protocol (IPP) implementation in versions of CUPS prior to 1.1.21. An attacker could send a carefully crafted UDP packet to the IPP port which could cause CUPS to stop listening to the port and result in a denial of service. In order to exploit this bug, an attacker would need to have the ability to send a UDP packet to the IPP port (by default 631). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0558 to this issue. All users of cups should upgrade to these updated packages, which contain a backported patch as well as a fix for a non-exploitable off-by-one bug. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-449.html http://www.cups.org/str.php?L863 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 11183 Common Vulnerability Exposure (CVE) ID: CVE-2004-0558 http://lists.apple.com/archives/security-announce/2004/Oct/msg00000.html http://www.securityfocus.com/bid/11183 Conectiva Linux advisory: CLA-2004:872 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000872 Debian Security Information: DSA-545 (Google Search) http://www.debian.org/security/2004/dsa-545 https://bugzilla.fedora.us/show_bug.cgi?id=2072 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:097 https://github.com/fibonascii/CVE-2004-0558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11732 http://www.redhat.com/support/errata/RHSA-2004-449.html SCO Security Bulletin: SCOSA-2004.15 http://marc.info/?l=bugtraq&m=109760654431316&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57646-1 SuSE Security Announcement: SUSE-SA:2004:031 (Google Search) http://www.suse.com/de/security/2004_31_cups.html http://www.trustix.org/errata/2004/0047/ XForce ISS Database: cups-udp-dos(17389) https://exchange.xforce.ibmcloud.com/vulnerabilities/17389
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com