Test ID:	1.3.6.1.4.1.25623.1.0.880781
Category:	CentOS Local Security Checks
Title:	CentOS Update for cups CESA-2009:0308 centos3 i386
Summary:	The remote host is missing an update for the 'cups'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'cups' package(s) announced via the referenced advisory. Vulnerability Insight: The Common UNIX® Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS security advisory, RHSA-2008:0937, stated that it fixed CVE-2008-3640 for Red Hat Enterprise Linux 3, 4, and 5. It was discovered this flaw was not properly fixed on Red Hat Enterprise Linux 3, however. (CVE-2009-0577) These new packages contain a proper fix for CVE-2008-3640 on Red Hat Enterprise Linux 3. Red Hat Enterprise Linux 4 and 5 already contain the appropriate fix for this flaw and do not need to be updated. Users of cups should upgrade to these updated packages, which contain a backported patch to correct this issue. Affected Software/OS: cups on CentOS 3 Solution: Please install the updated packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0577 33995 http://secunia.com/advisories/33995 RHSA-2009:0308 http://www.redhat.com/support/errata/RHSA-2009-0308.html cups-texttops-writeprolog-bo(48977) https://exchange.xforce.ibmcloud.com/vulnerabilities/48977 http://support.avaya.com/elmodocs2/security/ASA-2009-064.htm https://bugzilla.redhat.com/show_bug.cgi?id=486052 oval:org.mitre.oval:def:9968 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9968 Common Vulnerability Exposure (CVE) ID: CVE-2008-3640 BugTraq ID: 31690 http://www.securityfocus.com/bid/31690 Debian Security Information: DSA-1656 (Google Search) http://www.debian.org/security/2008/dsa-1656 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00331.html https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00380.html http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=752 http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10266 http://www.redhat.com/support/errata/RHSA-2008-0937.html http://www.securitytracker.com/id?1021034 http://secunia.com/advisories/32084 http://secunia.com/advisories/32226 http://secunia.com/advisories/32284 http://secunia.com/advisories/32292 http://secunia.com/advisories/32316 http://secunia.com/advisories/32331 http://secunia.com/advisories/33085 http://secunia.com/advisories/33111 http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1 SuSE Security Announcement: SUSE-SR:2008:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html https://usn.ubuntu.com/656-1/ http://www.vupen.com/english/advisories/2008/2782 http://www.vupen.com/english/advisories/2008/3401 http://www.vupen.com/english/advisories/2009/1568 XForce ISS Database: cups-writeprolog-bo(45790) https://exchange.xforce.ibmcloud.com/vulnerabilities/45790
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.