CUPS < 1.3.10 Multiple Overflows

According to its banner, the version of CUPS installed on the remote host is earlier than 1.3.10. Such versions are affected by multiple integer overflow vulnerabilities :

• A potential integer overflow in the PNG image validation code in ‘_cupsImageReadPNG()’. (STR #2974)

• A heap-based integer overflow in ‘_cupsImageReadTIFF()’. (STR #3031)

• The web interface may be vulnerable to DNS rebinding attacks due to a failure to validate the HTTP Host header in incoming requests. (STR #3118)

• A heap-based buffer overflow in pdftops. (CVE-2009-0195)

• Flawed ‘ip’ structure initialization in the function ‘ippReadIO()’ could allow an attacker to crash the application.