Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:571

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54349

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:571

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:571.

The Common UNIX Printing System (CUPS) provides a portable printing layer for
UNIX(R) operating systems.

When processing a request, the CUPS scheduler would use case-sensitive
matching on the queue name to decide which authorization policy should be
used. However, queue names are not case-sensitive. An unauthorized user
could print to a password-protected queue without needing a password. The
Common Vulnerabilities and Exposures project has assigned the name
CVE-2005-2154 to this issue.

Please note that the version of CUPS included in Red Hat Enterprise Linux 4
is not vulnerable to this issue.

All users of CUPS should upgrade to these erratum packages which contain a
backported patch to correct this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-571.html

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-2154
FLSA:163274
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274
RHSA-2005:571
http://www.redhat.com/support/errata/RHSA-2005-571.html
SUSE-SR:2005:018
http://www.novell.com/linux/security/advisories/2005_18_sr.html
USN-185-1
http://www.ubuntu.com/usn/usn-185-1
http://www.cups.org/str.php?L700
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405
oval:org.mitre.oval:def:9940
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940
Common Vulnerability Exposure (CVE) ID: CVE-2005-2154
BugTraq ID: 14127
http://www.securityfocus.com/bid/14127
Bugtraq: 20050701 [SECURITY ALERT] osTicket bugs (Google Search)
http://seclists.org/lists/bugtraq/2005/Jul/0009.html
http://securitytracker.com/id?1014373

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54349
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:571
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:571. The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. When processing a request, the CUPS scheduler would use case-sensitive matching on the queue name to decide which authorization policy should be used. However, queue names are not case-sensitive. An unauthorized user could print to a password-protected queue without needing a password. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2154 to this issue. Please note that the version of CUPS included in Red Hat Enterprise Linux 4 is not vulnerable to this issue. All users of CUPS should upgrade to these erratum packages which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-571.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2154 FLSA:163274 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163274 RHSA-2005:571 http://www.redhat.com/support/errata/RHSA-2005-571.html SUSE-SR:2005:018 http://www.novell.com/linux/security/advisories/2005_18_sr.html USN-185-1 http://www.ubuntu.com/usn/usn-185-1 http://www.cups.org/str.php?L700 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162405 oval:org.mitre.oval:def:9940 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9940 Common Vulnerability Exposure (CVE) ID: CVE-2005-2154 BugTraq ID: 14127 http://www.securityfocus.com/bid/14127 Bugtraq: 20050701 [SECURITY ALERT] osTicket bugs (Google Search) http://seclists.org/lists/bugtraq/2005/Jul/0009.html http://securitytracker.com/id?1014373
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com