English | Deutsch | Español | Português
 UserID:
 Passwd:
 new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   		     Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69111
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2176-1 (cups)
Summary:Debian Security Advisory DSA 2176-1 (cups)
Description:The remote host is missing an update to cups
announced via advisory DSA 2176-1.

Several vulnerabilities have been discovered in the Common UNIX Printing
System:

CVE-2008-5183

A null pointer dereference in RSS job completion notifications
could lead to denial of service.

CVE-2009-3553

It was discovered that incorrect file descriptor handling
could lead to denial of service.

CVE-2010-0540

A cross-site request forgery vulnerability was discovered in
the web interface.

CVE-2010-0542

Incorrect memory management in the filter subsystem could lead
to denial of service.

CVE-2010-1748

Information disclosure in the web interface.

CVE-2010-2431

Emmanuel Bouillon discovered a symlink vulnerability in handling
of cache files.

CVE-2010-2432

Denial of service in the authentication code.

CVE-2010-2941

Incorrect memory management in the IPP code could lead to denial
of service or the execution of arbitrary code.

Solution:
For the oldstable distribution (lenny), this problem has been fixed in
version 1.3.8-1+lenny9.

The stable distribution (squeeze) and the unstable distribution (sid)
had already been fixed prior to the initial Squeeze release.

We recommend that you upgrade your cups packages.

http://www.securityspace.com/smysecure/catid.html?in=DSA%202176-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-5183
http://www.milw0rm.com/exploits/7150
http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/
http://lab.gnucitizen.org/projects/cups-0day
http://www.openwall.com/lists/oss-security/2008/11/19/3
http://www.openwall.com/lists/oss-security/2008/11/19/4
http://www.openwall.com/lists/oss-security/2008/11/20/1
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Debian Security Information: DSA-2176 (Google Search)
http://www.debian.org/security/2011/dsa-2176
http://www.mandriva.com/security/advisories?name=MDVSA-2009:028
http://www.redhat.com/support/errata/RHSA-2008-1029.html
SuSE Security Announcement: SUSE-SR:2008:026 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
BugTraq ID: 32419
http://www.securityfocus.com/bid/32419
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10586
http://secunia.com/advisories/43521
http://www.vupen.com/english/advisories/2009/0422
http://www.securitytracker.com/id?1021396
http://secunia.com/advisories/33937
http://www.vupen.com/english/advisories/2011/0535
XForce ISS Database: cups-rss-dos(46684)
http://xforce.iss.net/xforce/xfdb/46684
Common Vulnerability Exposure (CVE) ID: CVE-2009-3553
http://www.cups.org/newsgroups.php/newsgroups.php?v5994+gcups.bugs
http://www.cups.org/newsgroups.php/newsgroups.php?v5996+gcups.bugs
http://www.cups.org/newsgroups.php/newsgroups.php?v6055+gcups.bugs
http://www.cups.org/str.php?L3200
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00332.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:073
http://www.redhat.com/support/errata/RHSA-2009-1595.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275230-1
http://www.ubuntu.com/usn/USN-906-1
BugTraq ID: 37048
http://www.securityfocus.com/bid/37048
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11183
http://secunia.com/advisories/37360
http://secunia.com/advisories/37364
http://secunia.com/advisories/38241
http://www.vupen.com/english/advisories/2010/0173
Common Vulnerability Exposure (CVE) ID: CVE-2010-0540
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
BugTraq ID: 40871
http://www.securityfocus.com/bid/40871
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10382
http://www.securitytracker.com/id?1024122
http://secunia.com/advisories/40220
http://www.vupen.com/english/advisories/2010/1481
Common Vulnerability Exposure (CVE) ID: CVE-2010-0542
SuSE Security Announcement: SUSE-SR:2010:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
BugTraq ID: 40943
http://www.securityfocus.com/bid/40943
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10365
http://securitytracker.com/id?1024121
Common Vulnerability Exposure (CVE) ID: CVE-2010-1748
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9723
Common Vulnerability Exposure (CVE) ID: CVE-2010-2431
RedHat Security Advisories: RHSA-2010:0811
http://rhn.redhat.com/errata/RHSA-2010-0811.html
http://www.vupen.com/english/advisories/2010/2856
Common Vulnerability Exposure (CVE) ID: CVE-2010-2432
http://www.mandriva.com/security/advisories?name=MDVSA-2011:146
Common Vulnerability Exposure (CVE) ID: CVE-2010-2941
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html
http://www.redhat.com/support/errata/RHSA-2010-0866.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323
http://www.ubuntu.com/usn/USN-1012-1
BugTraq ID: 44530
http://www.securityfocus.com/bid/44530
http://www.osvdb.org/68951
http://securitytracker.com/id?1024662
http://secunia.com/advisories/42287
http://secunia.com/advisories/42867
http://www.vupen.com/english/advisories/2010/3042
http://www.vupen.com/english/advisories/2010/3088
http://www.vupen.com/english/advisories/2011/0061
XForce ISS Database: cups-cupsd-code-execution(62882)
http://xforce.iss.net/xforce/xfdb/62882
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  
 Forgot userid or passwd?
Email/Userid:



Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2013 E-Soft Inc. All rights reserved.