Lucene search
This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.DEBIAN_DSA-950.NASLHistoryOct 14, 2006 - 12:00 a.m.
Debian DSA-950-1 : cupsys - buffer overflows
2006-10-1400:00:00
This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.
www.tenable.com
11
‘infamous41md’ and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in CUPS, the Common UNIX Printing System, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-950. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(22816);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2005-3191", "CVE-2005-3192", "CVE-2005-3193", "CVE-2005-3624", "CVE-2005-3625", "CVE-2005-3626", "CVE-2005-3627", "CVE-2005-3628");
script_xref(name:"DSA", value:"950");
script_name(english:"Debian DSA-950-1 : cupsys - buffer overflows");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"'infamous41md' and Chris Evans discovered several heap based buffer
overflows in xpdf which are also present in CUPS, the Common UNIX
Printing System, and which can lead to a denial of service by crashing
the application or possibly to the execution of arbitrary code."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2006/dsa-950"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the CUPS packages.
For the old stable distribution (woody) these problems have been fixed
in version 1.1.14-5woody14.
CUPS doesn't use the xpdf source anymore since 1.1.22-7, when it
switched to using xpdf-utils for PDF processing."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:cupsys");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");
script_set_attribute(attribute:"patch_publication_date", value:"2006/01/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/12/05");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"3.0", prefix:"cupsys", reference:"1.1.14-5woody14")) flag++;
if (deb_check(release:"3.0", prefix:"cupsys-bsd", reference:"1.1.14-5woody14")) flag++;
if (deb_check(release:"3.0", prefix:"cupsys-client", reference:"1.1.14-5woody14")) flag++;
if (deb_check(release:"3.0", prefix:"cupsys-pstoraster", reference:"1.1.14-5woody14")) flag++;
if (deb_check(release:"3.0", prefix:"libcupsys2", reference:"1.1.14-5woody14")) flag++;
if (deb_check(release:"3.0", prefix:"libcupsys2-dev", reference:"1.1.14-5woody14")) flag++;
if (deb_check(release:"3.1", prefix:"cupsys", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"cupsys-bsd", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"cupsys-client", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"libcupsimage2", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"libcupsimage2-dev", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"libcupsys2", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"libcupsys2-dev", reference:"1.1.23-10sarge1")) flag++;
if (deb_check(release:"3.1", prefix:"libcupsys2-gnutls10", reference:"1.1.23-10sarge1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | cupsys | p-cpe:/a:debian:debian_linux:cupsys |
| debian | debian_linux | 3.0 | cpe:/o:debian:debian_linux:3.0 |
| debian | debian_linux | 3.1 | cpe:/o:debian:debian_linux:3.1 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
www.debian.org/security/2006/dsa-950
Related
openvas
openvas
Debian Security Advisory DSA 950-1 (cupsys)
2008-01-17 00:00:00
Debian Security Advisory DSA 931-1 (xpdf)
2008-01-17 00:00:00
Debian Security Advisory DSA 932-1 (xpdf)
2008-01-17 00:00:00
nessus
nessus
RHEL 2.1 / 3 / 4 : tetex (RHSA-2006:0160)
2006-01-20 00:00:00
CentOS 4 : kdegraphics (CESA-2005:868)
2006-07-05 00:00:00
Mandrake Linux Security Advisory : cups (MDKSA-2006:010)
2006-01-15 00:00:00
debian
debian
[SECURITY] [DSA 932-1] New kpdf packages fix arbitrary code execution
2006-01-09 00:00:00
[SECURITY] [DSA 962-1] New pdftohtml packages fix arbitrary code execution
2006-02-01 00:00:00
[SECURITY] [DSA 962-1] New pdftohtml packages fix arbitrary code execution
2006-02-01 09:57:27
centos
centos
xpdf security update
2005-12-07 00:42:21
xpdf security update
2005-12-22 00:12:57
tetex security update
2006-01-30 00:51:00
gentoo
gentoo
KPdf, KWord: Multiple overflows in included Xpdf code
2006-01-04 00:00:00
Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
2006-01-30 00:00:00
Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities
2005-12-16 00:00:00
redhat
redhat
(RHSA-2005:840) xpdf security update
2005-12-06 00:00:00
(RHSA-2006:0160) tetex security update
2006-01-19 00:00:00
(RHSA-2005:868) kdegraphics security update
2005-12-20 00:00:00
suse
suse
remote code execution in xpdf,kpdf,gpdf,kword
2006-01-11 12:03:37
osv
osv
kdegraphics - buffer overflows
2006-01-09 00:00:00
xpdf - buffer overflows
2006-01-09 00:00:00
pdftohtml - buffer overflows
2006-02-01 00:00:00
securityvulns
securityvulns
slackware
slackware
[slackware-security] xpdf
2006-02-15 00:28:51
[slackware-security] kdegraphics
2006-02-15 00:27:14
[slackware-security] tetex PDF security
2006-05-22 22:14:23
ubuntu
ubuntu
xpdf vulnerabilities
2006-01-06 00:00:00
xpdf vulnerabilities in kword, kpdf
2006-01-09 00:00:00
xpdf vulnerabilities
2005-12-12 00:00:00
debiancve
debiancve
cvelist
cvelist
prion
prion
Design/Logic Flaw
2006-03-15 19:06:00
ubuntucve
ubuntucve
cve
cve
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.01-alt2pl1
2005-12-07 00:00:00
Security fix for the ALT Linux 5 package xpdf version 3.01-alt3
2006-01-13 00:00:00
talos
talos
Related for DEBIAN_DSA-950.NASL