Gain a shell remotely : Multiple vulnerabilities in CUPS

Vulnerability Search		Search 219043 CVE descriptions and 99761 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	11199
Category:	Gain a shell remotely
Title:	Multiple vulnerabilities in CUPS
Summary:	NOSUMMARY
Description:	Description: The remote CUPS server seems vulnerable to various flaws which allow a remote attacker to shut down this server or even to remotely gain the privileges of the 'lp' user. Solution : upgrade to CUPS-1.1.18 Risk factor : High
Cross-Ref:	BugTraq ID: 6475 Common Vulnerability Exposure (CVE) ID: CVE-2002-1383 Bugtraq: 20021219 iDEFENSE Security Advisory 12.19.02: Multiple Security Vulnerabilities in Common Unix Printing System (CUPS) (Google Search) http://marc.info/?l=bugtraq&m=104032149026670&w=2 Caldera Security Advisory: CSSA-2003-004.0 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-004.0.txt http://www.idefense.com/advisory/12.19.02.txt http://www.redhat.com/support/errata/RHSA-2002-295.html http://secunia.com/advisories/7756/ http://secunia.com/advisories/7794 http://secunia.com/advisories/7803 http://secunia.com/advisories/7843 http://secunia.com/advisories/7858 http://secunia.com/advisories/7907 http://secunia.com/advisories/7913/ http://secunia.com/advisories/8080/ http://secunia.com/advisories/9325/ SuSE Security Announcement: SuSE-SA:2003:002 (Google Search) http://www.novell.com/linux/security/advisories/2003_002_cups.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0117.html Common Vulnerability Exposure (CVE) ID: CVE-2002-1366 BugTraq ID: 6435 http://www.securityfocus.com/bid/6435 Debian Security Information: DSA-232 (Google Search) http://www.debian.org/security/2003/dsa-232 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:001 XForce ISS Database: cups-certs-race-condition(10907) https://exchange.xforce.ibmcloud.com/vulnerabilities/10907 Common Vulnerability Exposure (CVE) ID: CVE-2002-1367 BugTraq ID: 6436 http://www.securityfocus.com/bid/6436 Conectiva Linux advisory: CLSA-2003:702 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000702 XForce ISS Database: cups-udp-add-printers(10908) https://exchange.xforce.ibmcloud.com/vulnerabilities/10908 Common Vulnerability Exposure (CVE) ID: CVE-2002-1368 BugTraq ID: 6437 http://www.securityfocus.com/bid/6437 http://www.mandriva.com/security/advisories?name=MDKSA-2003:001 XForce ISS Database: cups-neg-memcpy-bo(10909) https://exchange.xforce.ibmcloud.com/vulnerabilities/10909 Common Vulnerability Exposure (CVE) ID: CVE-2002-1384 http://www.securityfocus.com/bid/6475 Debian Security Information: DSA-222 (Google Search) http://www.debian.org/security/2003/dsa-222 Debian Security Information: DSA-226 (Google Search) http://www.debian.org/security/2003/dsa-226 http://marc.info/?l=bugtraq&m=104152282309980&w=2 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:002 http://www.idefense.com/advisory/12.23.02.txt http://www.redhat.com/support/errata/RHSA-2002-307.html http://www.redhat.com/support/errata/RHSA-2003-037.html http://www.redhat.com/support/errata/RHSA-2003-216.html SuSE Security Announcement: SUSE-SA:2003:002 (Google Search) XForce ISS Database: pdftops-integer-overflow(10937) https://exchange.xforce.ibmcloud.com/vulnerabilities/10937 Common Vulnerability Exposure (CVE) ID: CVE-2002-1369 BugTraq ID: 6438 http://www.securityfocus.com/bid/6438 XForce ISS Database: cups-strncat-options-bo(10910) https://exchange.xforce.ibmcloud.com/vulnerabilities/10910 Common Vulnerability Exposure (CVE) ID: CVE-2002-1372 BugTraq ID: 6440 http://www.securityfocus.com/bid/6440 XForce ISS Database: cups-file-descriptor-dos(10912) https://exchange.xforce.ibmcloud.com/vulnerabilities/10912
Copyright	This script is Copyright (C) 2003 Renaud Deraison