Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0206
HistoryApr 01, 2008 - 5:06 p.m.

cups security update

2008-04-0117:06:38
CentOS Project
lists.centos.org
51

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.3%

JSON

CentOS Errata and Security Advisory CESA-2008:0206

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX® operating systems.

Two overflows were discovered in the HP-GL/2-to-PostScript filter. An
attacker could create a malicious HP-GL/2 file that could possibly execute
arbitrary code as the “lp” user if the file is printed. (CVE-2008-0053)

A buffer overflow flaw was discovered in the GIF decoding routines used by
CUPS image converting filters “imagetops” and “imagetoraster”. An attacker
could create a malicious GIF file that could possibly execute arbitrary
code as the “lp” user if the file was printed. (CVE-2008-1373)

It was discovered that the patch used to address CVE-2004-0888 in CUPS
packages in Red Hat Enterprise Linux 3 and 4 did not completely resolve the
integer overflow in the “pdftops” filter on 64-bit platforms. An attacker
could create a malicious PDF file that could possibly execute arbitrary
code as the “lp” user if the file was printed. (CVE-2008-1374)

All cups users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-April/076957.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076958.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076961.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076962.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076965.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076966.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076967.html
https://lists.centos.org/pipermail/centos-announce/2008-April/076968.html

Affected packages:
cups
cups-devel
cups-libs

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0206

OSVersionArchitecturePackageVersionFilename
CentOS3i386cups< 1.1.17-13.3.52cups-1.1.17-13.3.52.i386.rpm
CentOS3i386cups-devel< 1.1.17-13.3.52cups-devel-1.1.17-13.3.52.i386.rpm
CentOS3i386cups-libs< 1.1.17-13.3.52cups-libs-1.1.17-13.3.52.i386.rpm
CentOS3x86_64cups< 1.1.17-13.3.52cups-1.1.17-13.3.52.x86_64.rpm
CentOS3x86_64cups-devel< 1.1.17-13.3.52cups-devel-1.1.17-13.3.52.x86_64.rpm
CentOS3i386cups-libs< 1.1.17-13.3.52cups-libs-1.1.17-13.3.52.i386.rpm
CentOS3x86_64cups-libs< 1.1.17-13.3.52cups-libs-1.1.17-13.3.52.x86_64.rpm
CentOS4i386cups< 1.1.22-0.rc1.9.20.2.el4_6.6cups-1.1.22-0.rc1.9.20.2.el4_6.6.i386.rpm
CentOS4i386cups-devel< 1.1.22-0.rc1.9.20.2.el4_6.6cups-devel-1.1.22-0.rc1.9.20.2.el4_6.6.i386.rpm
CentOS4i386cups-libs< 1.1.22-0.rc1.9.20.2.el4_6.6cups-libs-1.1.22-0.rc1.9.20.2.el4_6.6.i386.rpm
Rows per page:
1-10 of 321

Related

redhat 11
openvas 59
nessus 63
oraclelinux 3
prion 3
ubuntucve 6
cve 6
debiancve 6
suse 2
centos 2
debian 7
osv 4
securityvulns 6
ubuntu 3
gentoo 5
seebug 1
checkpoint_advisories 2
veracode 2
freebsd 1
slackware 1
fedora 6
redhat
redhat
(RHSA-2008:0206) Moderate: cups security update
2008-04-01 00:00:00
(RHSA-2008:0192) Moderate: cups security update
2008-04-01 00:00:00
(RHSA-2004:592) xpdf security update
2004-10-27 00:00:00
openvas
openvas
RedHat Update for cups RHSA-2008:0206-01
2009-03-06 00:00:00
CentOS Update for cups CESA-2008:0206 centos4 i386
2009-02-27 00:00:00
CentOS Update for cups CESA-2008:0206 centos4 x86_64
2009-02-27 00:00:00
nessus
nessus
Oracle Linux 3 / 4 : cups (ELSA-2008-0206)
2013-07-12 00:00:00
Scientific Linux Security Update : cups on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 3 / 4 : cups (RHSA-2008:0206)
2008-04-04 00:00:00
oraclelinux
oraclelinux
cups security update
2008-04-01 00:00:00
cups security update
2008-04-01 00:00:00
kdegraphics security update
2006-11-30 00:00:00
prion
prion
Integer overflow
2008-04-04 00:44:00
Buffer overflow
2008-03-18 23:44:00
Buffer overflow
2008-04-04 00:44:00
ubuntucve
ubuntucve
CVE-2008-1374
2008-04-04 00:00:00
CVE-2008-0053
2008-03-18 00:00:00
CVE-2004-0888
2005-01-27 00:00:00
cve
cve
CVE-2008-1374
2008-04-04 00:44:00
CVE-2008-0053
2008-03-18 23:44:00
CVE-2004-0888
2005-01-27 05:00:00
debiancve
debiancve
CVE-2008-1374
2008-04-04 00:44:00
CVE-2008-0053
2008-03-18 23:44:00
CVE-2004-0888
2005-01-27 05:00:00
suse
suse
remote code execution in cups
2008-04-04 16:22:43
remote system compromise in xpdf, gpdf, kdegraphics3-pdf, pdftohtml, cups
2004-10-26 10:45:14
centos
centos
cups security update
2008-04-02 10:39:09
tetex security update
2005-04-01 21:29:55
debian
debian
[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution
2008-08-01 07:52:06
[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution
2004-11-25 14:48:24
[SECURITY] [DSA 573-1] New cupsys packages fix arbitrary code execution
2004-10-21 14:18:22
osv
osv
cupsys - arbitrary code execution
2008-08-01 00:00:00
tetex-bin - integer overflows
2004-11-25 00:00:00
xpdf - integer overflows
2004-11-02 00:00:00
securityvulns
securityvulns
[USN-598-1] CUPS vulnerabilities
2008-04-03 00:00:00
MDKSA-2004:114 - Updated gpdf packages fix DoS vulnerability
2004-10-22 00:00:00
CUPS code execution with GIF files
2008-04-03 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2008-04-02 00:00:00
tetex-bin vulnerabilities
2004-10-28 00:00:00
xpdf vulnerabilities
2004-11-02 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2008-04-01 00:00:00
pdftohtml: Vulnerabilities in included Xpdf
2004-11-23 00:00:00
GPdf, KPDF, KOffice: Vulnerabilities in included xpdf
2004-10-28 00:00:00
seebug
seebug
CUPS gif_read_lzw()函数GIF文件处理缓冲区溢出漏洞
2008-04-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Buffer Overflow Vulnerability in Common Unix Printing System (CUPS)
2008-04-25 00:00:00
Multiple Vendor CUPS GIF Decoding Routine Buffer Overflow (CVE-2008-1373)
2009-10-14 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:34
Arbitrary Code Execution
2020-04-10 00:20:33
freebsd
freebsd
xpdf -- integer overflow vulnerabilities
2004-10-21 00:00:00
slackware
slackware
[slackware-security] cups
2008-04-03 07:53:48
fedora
fedora
[SECURITY] Fedora 7 Update: cups-1.2.12-10.fc7
2008-04-09 05:14:39
[SECURITY] Fedora 7 Update: cups-1.2.12-11.fc7
2008-05-10 13:55:52
[SECURITY] Fedora 9 Update: cups-1.3.9-1.fc9
2008-10-16 02:08:34

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.3%

JSON
Related for CESA-2008:0206
redhat11openvas59nessus63oraclelinux3prion3ubuntucve6cve6debiancve6suse2centos2debian7osv4securityvulns6ubuntu3gentoo5seebug1checkpoint_advisories2veracode2freebsd1slackware1fedora6