|Category:||Red Hat Local Security Checks|
|Title:||RedHat Security Advisory RHSA-2009:1082|
The remote host is missing updates announced in
The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The Internet Printing Protocol (IPP) allows
users to print and manage printing-related tasks over a network.
A NULL pointer dereference flaw was found in the CUPS IPP routine, used for
processing incoming IPP requests for the CUPS scheduler. An attacker could
use this flaw to send specially-crafted IPP requests that would crash the
cupsd daemon. (CVE-2009-0949)
Red Hat would like to thank Anibal Sacco from Core Security Technologies
for reporting this issue.
Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the cupsd daemon will be restarted automatically.
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
Common Vulnerability Exposure (CVE) ID: CVE-2009-0949|
BugTraq ID: 35169
Bugtraq: 20090602 CORE-2009-0420 - Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability (Google Search)
Debian Security Information: DSA-1811 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
XForce ISS Database: apple-cups-ipptag-dos(50926)
|Copyright||Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.