Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2008:0206

The remote host is missing updates announced in
advisory RHSA-2008:0206.

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX(R) operating systems.

Two overflows were discovered in the HP-GL/2-to-PostScript filter. An
attacker could create a malicious HP-GL/2 file that could possibly execute
arbitrary code as the lp user if the file is printed. (CVE-2008-0053)

A buffer overflow flaw was discovered in the GIF decoding routines used by
CUPS image converting filters imagetops and imagetoraster. An attacker
could create a malicious GIF file that could possibly execute arbitrary
code as the lp user if the file was printed. (CVE-2008-1373)

It was discovered that the patch used to address CVE-2004-0888 in CUPS
packages in Red Hat Enterprise Linux 3 and 4 did not completely resolve the
integer overflow in the pdftops filter on 64-bit platforms. An attacker
could create a malicious PDF file that could possibly execute arbitrary
code as the lp user if the file was printed. (CVE-2008-1374)

All cups users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-0053
BugTraq ID: 28304
BugTraq ID: 28334
Cert/CC Advisory: TA08-079A
Debian Security Information: DSA-1625 (Google Search)
SuSE Security Announcement: SUSE-SA:2008:020 (Google Search)
XForce ISS Database: macos-cups-inputvalidation-unspecified(41272)
Common Vulnerability Exposure (CVE) ID: CVE-2008-1373
BugTraq ID: 28544
Bugtraq: 20080404 rPSA-2008-0136-1 cups (Google Search)
XForce ISS Database: cups-gifreadlzw-bo(41587)
Common Vulnerability Exposure (CVE) ID: CVE-2008-1374
Bugtraq: 20080806 rPSA-2008-0245-1 cups (Google Search)
XForce ISS Database: cups-pdftops-bo(41758)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0888
BugTraq ID: 11501
Conectiva Linux advisory: CLA-2004:886
Debian Security Information: DSA-573 (Google Search)
Debian Security Information: DSA-581 (Google Search)
Debian Security Information: DSA-599 (Google Search)
SuSE Security Announcement: SUSE-SA:2004:039 (Google Search)
XForce ISS Database: xpdf-pdf-bo(17818)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0206
CopyrightCopyright (c) 2008 E-Soft Inc.

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.