Lucene search
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.MANDRAKE_MDKSA-2004-097.NASLHistorySep 16, 2004 - 12:00 a.m.
Mandrake Linux Security Advisory : cups (MDKSA-2004:097)
2004-09-1600:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
15
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.037 Low
EPSS
Percentile
91.8%
Alvaro Martinez Echevarria discovered a vulnerability in the CUPS print server where an empty UDP datagram sent to port 631 (the default port that cupsd listens to) would disable browsing. This would prevent cupsd from seeing any remote printers or any future remote printer changes.
The updated packages are patched to protect against this vulnerability.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandrake Linux Security Advisory MDKSA-2004:097.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(14753);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2004-0558");
script_xref(name:"MDKSA", value:"2004:097");
script_name(english:"Mandrake Linux Security Advisory : cups (MDKSA-2004:097)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandrake Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Alvaro Martinez Echevarria discovered a vulnerability in the CUPS
print server where an empty UDP datagram sent to port 631 (the default
port that cupsd listens to) would disable browsing. This would prevent
cupsd from seeing any remote printers or any future remote printer
changes.
The updated packages are patched to protect against this
vulnerability."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.cups.org/str.php?L863"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cups-serial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cups2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cups2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libcups2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libcups2-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");
script_set_attribute(attribute:"patch_publication_date", value:"2004/09/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/16");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK10.0", reference:"cups-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"cups-common-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", reference:"cups-serial-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64cups2-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64cups2-devel-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libcups2-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libcups2-devel-1.1.20-5.1.100mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"cups-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"cups-common-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", reference:"cups-serial-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64cups2-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64cups2-devel-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libcups2-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libcups2-devel-1.1.19-10.1.92mdk", yank:"mdk")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | cups | p-cpe:/a:mandriva:linux:cups |
| mandriva | linux | cups-common | p-cpe:/a:mandriva:linux:cups-common |
| mandriva | linux | cups-serial | p-cpe:/a:mandriva:linux:cups-serial |
| mandriva | linux | lib64cups2 | p-cpe:/a:mandriva:linux:lib64cups2 |
| mandriva | linux | lib64cups2-devel | p-cpe:/a:mandriva:linux:lib64cups2-devel |
| mandriva | linux | libcups2 | p-cpe:/a:mandriva:linux:libcups2 |
| mandriva | linux | libcups2-devel | p-cpe:/a:mandriva:linux:libcups2-devel |
| mandrakesoft | mandrake_linux | 10.0 | cpe:/o:mandrakesoft:mandrake_linux:10.0 |
| mandrakesoft | mandrake_linux | 9.2 | cpe:/o:mandrakesoft:mandrake_linux:9.2 |
Related
nessus
nessus
GLSA-200409-25 : CUPS: Denial of service vulnerability
2004-09-21 00:00:00
FreeBSD : cups -- print queue browser denial-of-service (27)
2004-09-16 00:00:00
RHEL 3 : cups (RHSA-2004:449)
2004-09-15 00:00:00
gentoo
gentoo
CUPS: Denial of service vulnerability
2004-09-20 00:00:00
openvas
openvas
Slackware Advisory SSA:2004-266-01 CUPS DoS
2012-09-11 00:00:00
Gentoo Security Advisory GLSA 200409-25 (CUPS)
2008-09-24 00:00:00
FreeBSD Ports: cups-base
2008-09-04 00:00:00
cvelist
cvelist
CVE-2004-0558
2004-09-17 04:00:00
osv
osv
cupsys - denial of service
2004-09-15 00:00:00
securityvulns
securityvulns
MDKSA-2004:097 - Updated cups packages fix DoS vulnerability
2004-09-16 00:00:00
slackware
slackware
[slackware-security] CUPS DoS
2004-09-22 20:38:36
freebsd
freebsd
cups -- print queue browser denial-of-service
2004-08-23 00:00:00
debiancve
debiancve
CVE-2004-0558
2004-09-28 04:00:00
ubuntucve
ubuntucve
CVE-2004-0558
2004-09-28 00:00:00
nvd
nvd
CVE-2004-0558
2004-09-28 04:00:00
redhat
redhat
(RHSA-2004:449) cups security update
2004-09-15 00:00:00
debian
debian
[SECURITY] [DSA 545-1] New cupsys packages fix denial of service
2004-09-15 16:55:55
[SECURITY] [DSA 545-1] New cupsys packages fix denial of service
2004-09-15 16:55:55
cve
cve
CVE-2004-0558
2004-09-28 04:00:00
suse
suse
remote code execution in cups
2004-09-15 14:45:26
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.037 Low
EPSS
Percentile
91.8%
Related for MANDRAKE_MDKSA-2004-097.NASL