| Description: | Summary:
The remote host is missing an update for the 'cups' package(s) announced via the SSA:2007-305-01 advisory.
Vulnerability Insight:
CUPS was found to contain errors in ipp.c which could allow a remote attacker
to crash CUPS, resulting in a denial of service. If you use CUPS, it is
recommended to update to the latest package for your version of Slackware.
The latest cups package is available for Slackware -current, and patched
packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0,
and 12.0 that fix the problems.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
[link moved to references]
Here are the details from the Slackware 12.0 ChangeLog:
+--------------------------+
patches/packages/cups-1.2.11-i486-2_slack12.0.tgz:
Patched cups-1.2.11.
An off-by-one error in ipp.c may allow a remote attacker to crash CUPS
resulting in a denial of service.
For more information, see:
[link moved to references]
(* Security fix *)
+--------------------------+
Affected Software/OS:
'cups' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware current.
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
