Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:232 (cups)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68565

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:232 (cups)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to cups
announced via advisory MDVSA-2010:232.

Multiple vulnerabilities were discovered and corrected in cups:

Cross-site request forgery (CSRF) vulnerability in the web interface
in CUPS, allows remote attackers to hijack the authentication of
administrators for requests that change settings (CVE-2010-0540).

The _WriteProlog function in texttops.c in texttops in the Text Filter
subsystem in CUPS before 1.4.4 does not check the return values
of certain calloc calls, which allows remote attackers to cause a
denial of service (NULL pointer dereference or heap memory corruption)
or possibly execute arbitrary code via a crafted file (CVE-2010-0542).

The web interface in CUPS, reads uninitialized memory during handling
of form variables, which allows context-dependent attackers to obtain
sensitive information from cupsd process memory via unspecified vectors
(CVE-2010-1748).

The cupsFileOpen function in CUPS before 1.4.4 allows local users,
with lp group membership, to overwrite arbitrary files via a
symlink attack on the (1) /var/cache/cups/remote.cache or (2)
/var/cache/cups/job.cache file (CVE-2010-2431).

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate
memory for attribute values with invalid string data types, which
allows remote attackers to cause a denial of service (use-after-free
and application crash) or possibly execute arbitrary code via a
crafted IPP request (CVE-2010-2941).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Affected: 2009.0, 2010.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:232

Risk factor : High

CVSS Score:
7.9

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0540
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 40871
http://www.securityfocus.com/bid/40871
Debian Security Information: DSA-2176 (Google Search)
http://www.debian.org/security/2011/dsa-2176
http://security.gentoo.org/glsa/glsa-201207-10.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10382
http://www.securitytracker.com/id?1024122
http://secunia.com/advisories/40220
http://secunia.com/advisories/43521
http://www.vupen.com/english/advisories/2010/1481
http://www.vupen.com/english/advisories/2011/0535
Common Vulnerability Exposure (CVE) ID: CVE-2010-0542
BugTraq ID: 40943
http://www.securityfocus.com/bid/40943
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365
http://securitytracker.com/id?1024121
SuSE Security Announcement: SUSE-SR:2010:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-1748
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723
Common Vulnerability Exposure (CVE) ID: CVE-2010-2431
RedHat Security Advisories: RHSA-2010:0811
http://rhn.redhat.com/errata/RHSA-2010-0811.html
http://www.vupen.com/english/advisories/2010/2856
Common Vulnerability Exposure (CVE) ID: CVE-2010-2941
1024662
http://securitytracker.com/id?1024662
42287
http://secunia.com/advisories/42287
42867
http://secunia.com/advisories/42867
43521
44530
http://www.securityfocus.com/bid/44530
68951
http://www.osvdb.org/68951
ADV-2010-2856
ADV-2010-3042
http://www.vupen.com/english/advisories/2010/3042
ADV-2010-3088
http://www.vupen.com/english/advisories/2010/3088
ADV-2011-0061
http://www.vupen.com/english/advisories/2011/0061
ADV-2011-0535
APPLE-SA-2010-11-10-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
DSA-2176
FEDORA-2010-17615
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html
FEDORA-2010-17627
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html
FEDORA-2010-17641
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html
GLSA-201207-10
MDVSA-2010:232
MDVSA-2010:233
MDVSA-2010:234
RHSA-2010:0811
RHSA-2010:0866
http://www.redhat.com/support/errata/RHSA-2010-0866.html
SSA:2010-333-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323
SUSE-SR:2010:023
USN-1012-1
http://www.ubuntu.com/usn/USN-1012-1
cups-cupsd-code-execution(62882)
https://exchange.xforce.ibmcloud.com/vulnerabilities/62882
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
http://support.apple.com/kb/HT4435
https://bugzilla.redhat.com/show_bug.cgi?id=624438

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68565
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:232 (cups)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to cups announced via advisory MDVSA-2010:232. Multiple vulnerabilities were discovered and corrected in cups: Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings (CVE-2010-0540). The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or heap memory corruption) or possibly execute arbitrary code via a crafted file (CVE-2010-0542). The web interface in CUPS, reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors (CVE-2010-1748). The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary files via a symlink attack on the (1) /var/cache/cups/remote.cache or (2) /var/cache/cups/job.cache file (CVE-2010-2431). ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request (CVE-2010-2941). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. Affected: 2009.0, 2010.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:232 Risk factor : High CVSS Score: 7.9
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0540 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html BugTraq ID: 40871 http://www.securityfocus.com/bid/40871 Debian Security Information: DSA-2176 (Google Search) http://www.debian.org/security/2011/dsa-2176 http://security.gentoo.org/glsa/glsa-201207-10.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:232 http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 http://www.mandriva.com/security/advisories?name=MDVSA-2010:234 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10382 http://www.securitytracker.com/id?1024122 http://secunia.com/advisories/40220 http://secunia.com/advisories/43521 http://www.vupen.com/english/advisories/2010/1481 http://www.vupen.com/english/advisories/2011/0535 Common Vulnerability Exposure (CVE) ID: CVE-2010-0542 BugTraq ID: 40943 http://www.securityfocus.com/bid/40943 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10365 http://securitytracker.com/id?1024121 SuSE Security Announcement: SUSE-SR:2010:023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2010-1748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723 Common Vulnerability Exposure (CVE) ID: CVE-2010-2431 RedHat Security Advisories: RHSA-2010:0811 http://rhn.redhat.com/errata/RHSA-2010-0811.html http://www.vupen.com/english/advisories/2010/2856 Common Vulnerability Exposure (CVE) ID: CVE-2010-2941 1024662 http://securitytracker.com/id?1024662 42287 http://secunia.com/advisories/42287 42867 http://secunia.com/advisories/42867 43521 44530 http://www.securityfocus.com/bid/44530 68951 http://www.osvdb.org/68951 ADV-2010-2856 ADV-2010-3042 http://www.vupen.com/english/advisories/2010/3042 ADV-2010-3088 http://www.vupen.com/english/advisories/2010/3088 ADV-2011-0061 http://www.vupen.com/english/advisories/2011/0061 ADV-2011-0535 APPLE-SA-2010-11-10-1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html DSA-2176 FEDORA-2010-17615 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html FEDORA-2010-17627 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html FEDORA-2010-17641 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html GLSA-201207-10 MDVSA-2010:232 MDVSA-2010:233 MDVSA-2010:234 RHSA-2010:0811 RHSA-2010:0866 http://www.redhat.com/support/errata/RHSA-2010-0866.html SSA:2010-333-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323 SUSE-SR:2010:023 USN-1012-1 http://www.ubuntu.com/usn/USN-1012-1 cups-cupsd-code-execution(62882) https://exchange.xforce.ibmcloud.com/vulnerabilities/62882 http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox http://support.apple.com/kb/HT4435 https://bugzilla.redhat.com/show_bug.cgi?id=624438
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com