ID de Prueba:	1.3.6.1.4.1.25623.1.0.51185
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:013
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:013. The Common UNIX Printing System provides a portable printing layer for UNIX(R) operating systems. A buffer overflow was found in the CUPS pdftops filter, which uses code from the Xpdf package. An attacker who has the ability to send a malicious PDF file to a printer could possibly execute arbitrary code as the lp user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1125 to this issue. A buffer overflow was found in the ParseCommand function in the hpgltops program. An attacker who has the ability to send a malicious HPGL file to a printer could possibly execute arbitrary code as the lp user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1267 to this issue. Red Hat believes that the Exec-Shield technology (enabled by default since Update 3) will block attempts to exploit these buffer overflow vulnerabilities on x86 architectures. The lppasswd utility ignores write errors when modifying the CUPS passwd file. A local user who is able to fill the associated file system could corrupt the CUPS password file or prevent future uses of lppasswd. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-1268 and CVE-2004-1269 to these issues. The lppasswd utility does not verify that the passwd.new file is different from STDERR, which could allow local users to control output to passwd.new via certain user input that triggers an error message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1270 to this issue. In addition to these security issues, two other problems not relating to security have been fixed: Resuming a job with lp -H resume, which had previously been held with lp - -H hold could cause the scheduler to stop. This has been fixed in later versions of CUPS, and has been backported in these updated packages. The cancel-cups(1) man page is a symbolic link to another man page. The target of this link has been corrected. All users of cups should upgrade to these updated packages, which resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-013.html http://www.cups.org/str.php?L1023 http://www.cups.org/str.php?L1024 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1125 BugTraq ID: 12070 http://www.securityfocus.com/bid/12070 Bugtraq: 20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability (Google Search) http://marc.info/?t=110378596500001&r=1&w=2 Conectiva Linux advisory: CLA-2005:921 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921 https://bugzilla.fedora.us/show_bug.cgi?id=2352 https://bugzilla.fedora.us/show_bug.cgi?id=2353 http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830 http://www.redhat.com/support/errata/RHSA-2005-013.html http://www.redhat.com/support/errata/RHSA-2005-018.html http://www.redhat.com/support/errata/RHSA-2005-026.html http://www.redhat.com/support/errata/RHSA-2005-034.html http://www.redhat.com/support/errata/RHSA-2005-053.html http://www.redhat.com/support/errata/RHSA-2005-057.html http://www.redhat.com/support/errata/RHSA-2005-066.html http://www.redhat.com/support/errata/RHSA-2005-354.html SCO Security Bulletin: SCOSA-2005.42 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt http://securitytracker.com/id?1012646 http://secunia.com/advisories/17277 SuSE Security Announcement: SUSE-SR:2005:001 (Google Search) http://www.novell.com/linux/security/advisories/2005_01_sr.html https://usn.ubuntu.com/50-1/ XForce ISS Database: xpdf-gfx-doimage-bo(18641) https://exchange.xforce.ibmcloud.com/vulnerabilities/18641 Common Vulnerability Exposure (CVE) ID: CVE-2004-1267 http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 http://tigger.uic.edu/~jlongs2/holes/cups.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620 XForce ISS Database: cups-parsecommand-hpgl-bo(18604) https://exchange.xforce.ibmcloud.com/vulnerabilities/18604 Common Vulnerability Exposure (CVE) ID: CVE-2004-1268 http://tigger.uic.edu/~jlongs2/holes/cups2.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398 XForce ISS Database: cups-lppasswd-passwd-truncate(18606) https://exchange.xforce.ibmcloud.com/vulnerabilities/18606 Common Vulnerability Exposure (CVE) ID: CVE-2004-1269 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545 XForce ISS Database: cups-lppasswd-dos(18608) https://exchange.xforce.ibmcloud.com/vulnerabilities/18608 Common Vulnerability Exposure (CVE) ID: CVE-2004-1270 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507 XForce ISS Database: cups-lppasswd-passwd-modify(18609) https://exchange.xforce.ibmcloud.com/vulnerabilities/18609
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.