ID de Prueba:	1.3.6.1.4.1.25623.1.0.880680
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for cups CESA-2009:1595 centos5 i386
Resumen:	The remote host is missing an update for the 'cups'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory. Vulnerability Insight: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. A use-after-free flaw was found in the way CUPS handled references in its file descriptors-handling interface. A remote attacker could, in a specially-crafted way, query for the list of current print jobs for a specific printer, leading to a denial of service (cupsd crash). (CVE-2009-3553) Several cross-site scripting (XSS) flaws were found in the way the CUPS web server interface processed HTML form content. If a remote attacker could trick a local user who is logged into the CUPS web interface into visiting a specially-crafted HTML page, the attacker could retrieve and potentially modify confidential CUPS administration data. (CVE-2009-2820) Red Hat would like to thank Aaron Sigel of Apple Product Security for responsibly reporting the CVE-2009-2820 issue. Users of cups are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the cupsd daemon will be restarted automatically. Affected Software/OS: cups on CentOS 5 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2820 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html BugTraq ID: 36956 http://www.securityfocus.com/bid/36956 http://www.mandriva.com/security/advisories?name=MDVSA-2010:072 http://www.mandriva.com/security/advisories?name=MDVSA-2010:073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9153 http://www.redhat.com/support/errata/RHSA-2009-1595.html http://secunia.com/advisories/37308 http://secunia.com/advisories/37360 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021115.1-1 http://www.vupen.com/english/advisories/2009/3184 Common Vulnerability Exposure (CVE) ID: CVE-2009-3553 275230 http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1 37048 http://www.securityfocus.com/bid/37048 37360 37364 http://secunia.com/advisories/37364 38241 http://secunia.com/advisories/38241 43521 http://secunia.com/advisories/43521 ADV-2010-0173 http://www.vupen.com/english/advisories/2010/0173 ADV-2011-0535 http://www.vupen.com/english/advisories/2011/0535 APPLE-SA-2010-01-19-1 http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html DSA-2176 http://www.debian.org/security/2011/dsa-2176 FEDORA-2009-12652 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html GLSA-201207-10 http://security.gentoo.org/glsa/glsa-201207-10.xml MDVSA-2010:073 RHSA-2009:1595 USN-906-1 http://www.ubuntu.com/usn/USN-906-1 http://support.apple.com/kb/HT4004 http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs http://www.cups.org/str.php?L3200 https://bugzilla.redhat.com/show_bug.cgi?id=530111 oval:org.mitre.oval:def:11183 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11183
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.