Test ID:	1.3.6.1.4.1.25623.1.0.60144
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-563-1 (cupsys)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to cupsys announced via advisory USN-563-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Wei Wang discovered that the SNMP discovery backend did not correctly calculate the length of strings. If a user were tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code. Elias Pipping discovered that temporary files were not handled safely in certain situations when converting PDF to PS. A local attacker could cause a denial of service. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.6 Ubuntu 6.10: cupsys 1.2.4-2ubuntu3.2 Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.2 Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.3 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-563-1 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5849 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html BugTraq ID: 26910 http://www.securityfocus.com/bid/26910 BugTraq ID: 26917 http://www.securityfocus.com/bid/26917 Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html Debian Security Information: DSA-1437 (Google Search) http://www.debian.org/security/2007/dsa-1437 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00908.html http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:036 http://secunia.com/advisories/28113 http://secunia.com/advisories/28129 http://secunia.com/advisories/28136 http://secunia.com/advisories/28200 http://secunia.com/advisories/28386 http://secunia.com/advisories/28441 http://secunia.com/advisories/28636 http://secunia.com/advisories/28676 SuSE Security Announcement: SUSE-SA:2008:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html SuSE Security Announcement: SUSE-SR:2008:002 (Google Search) http://www.novell.com/linux/security/advisories/suse_security_summary_report.html http://www.ubuntu.com/usn/usn-563-1 http://www.vupen.com/english/advisories/2007/4238 http://www.vupen.com/english/advisories/2007/4242 XForce ISS Database: cups-asn1getstring-bo(39101) https://exchange.xforce.ibmcloud.com/vulnerabilities/39101 XForce ISS Database: macos-snmp-bo(39097) https://exchange.xforce.ibmcloud.com/vulnerabilities/39097 Common Vulnerability Exposure (CVE) ID: CVE-2007-6358 BugTraq ID: 26919 http://www.securityfocus.com/bid/26919 http://osvdb.org/42029 http://secunia.com/advisories/28139
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.