Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-598-1.NASL
HistoryApr 04, 2008 - 12:00 a.m.

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : cupsys vulnerabilities (USN-598-1)

2008-04-0400:00:00
Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
JSON

It was discovered that the CUPS administration interface contained a heap- based overflow flaw. A local attacker, and a remote attacker if printer sharing is enabled, could send a malicious request and possibly execute arbitrary code as the non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-0047)

It was discovered that the hpgl filter in CUPS did not properly validate its input when parsing parameters. If a crafted HP-GL/2 file were printed, an attacker could possibly execute arbitrary code as the non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile.
(CVE-2008-0053)

It was discovered that CUPS had a flaw in its managing of remote shared printers via IPP. A remote attacker could send a crafted UDP packet and cause a denial of service or possibly execute arbitrary code as the non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile.
(CVE-2008-0882)

It was discovered that CUPS did not properly perform bounds checking in its GIF decoding routines. If a crafted GIF file were printed, an attacker could possibly execute arbitrary code as the non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-1373).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-598-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(31785);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2008-0047", "CVE-2008-0053", "CVE-2008-0882", "CVE-2008-1373");
  script_bugtraq_id(27906, 28307, 28334, 28544);
  script_xref(name:"USN", value:"598-1");

  script_name(english:"Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : cupsys vulnerabilities (USN-598-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that the CUPS administration interface contained a
heap- based overflow flaw. A local attacker, and a remote attacker if
printer sharing is enabled, could send a malicious request and
possibly execute arbitrary code as the non-root user in Ubuntu 6.06
LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by
the AppArmor CUPS profile. (CVE-2008-0047)

It was discovered that the hpgl filter in CUPS did not properly
validate its input when parsing parameters. If a crafted HP-GL/2 file
were printed, an attacker could possibly execute arbitrary code as the
non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10,
attackers would be isolated by the AppArmor CUPS profile.
(CVE-2008-0053)

It was discovered that CUPS had a flaw in its managing of remote
shared printers via IPP. A remote attacker could send a crafted UDP
packet and cause a denial of service or possibly execute arbitrary
code as the non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In
Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile.
(CVE-2008-0882)

It was discovered that CUPS did not properly perform bounds checking
in its GIF decoding routines. If a crafted GIF file were printed, an
attacker could possibly execute arbitrary code as the non-root user in
Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be
isolated by the AppArmor CUPS profile. (CVE-2008-1373).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/598-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cupsys");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cupsys-bsd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cupsys-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:cupsys-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcupsimage2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcupsimage2-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcupsys2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcupsys2-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libcupsys2-gnutls10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");

  script_set_attribute(attribute:"patch_publication_date", value:"2008/04/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2008/04/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(6\.06|6\.10|7\.04|7\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 6.10 / 7.04 / 7.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"6.06", pkgname:"cupsys", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"cupsys-bsd", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"cupsys-client", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libcupsimage2", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libcupsimage2-dev", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libcupsys2", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libcupsys2-dev", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"libcupsys2-gnutls10", pkgver:"1.2.2-0ubuntu0.6.06.8")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"cupsys", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"cupsys-bsd", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"cupsys-client", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"cupsys-common", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"libcupsimage2", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"libcupsimage2-dev", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"libcupsys2", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"libcupsys2-dev", pkgver:"1.2.4-2ubuntu3.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"cupsys", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"cupsys-bsd", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"cupsys-client", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"cupsys-common", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libcupsimage2", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libcupsimage2-dev", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libcupsys2", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libcupsys2-dev", pkgver:"1.2.8-0ubuntu8.3")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"cupsys", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"cupsys-bsd", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"cupsys-client", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"cupsys-common", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libcupsimage2", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libcupsimage2-dev", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libcupsys2", pkgver:"1.3.2-1ubuntu7.6")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"libcupsys2-dev", pkgver:"1.3.2-1ubuntu7.6")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cupsys / cupsys-bsd / cupsys-client / cupsys-common / libcupsimage2 / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxcupsysp-cpe:/a:canonical:ubuntu_linux:cupsys
canonicalubuntu_linuxcupsys-bsdp-cpe:/a:canonical:ubuntu_linux:cupsys-bsd
canonicalubuntu_linuxcupsys-clientp-cpe:/a:canonical:ubuntu_linux:cupsys-client
canonicalubuntu_linuxcupsys-commonp-cpe:/a:canonical:ubuntu_linux:cupsys-common
canonicalubuntu_linuxlibcupsimage2p-cpe:/a:canonical:ubuntu_linux:libcupsimage2
canonicalubuntu_linuxlibcupsimage2-devp-cpe:/a:canonical:ubuntu_linux:libcupsimage2-dev
canonicalubuntu_linuxlibcupsys2p-cpe:/a:canonical:ubuntu_linux:libcupsys2
canonicalubuntu_linuxlibcupsys2-devp-cpe:/a:canonical:ubuntu_linux:libcupsys2-dev
canonicalubuntu_linuxlibcupsys2-gnutls10p-cpe:/a:canonical:ubuntu_linux:libcupsys2-gnutls10
canonicalubuntu_linux6.06cpe:/o:canonical:ubuntu_linux:6.06:-:lts
Rows per page:
1-10 of 131

Related

openvas 77
ubuntu 1
gentoo 1
nessus 39
securityvulns 6
oraclelinux 3
redhat 5
centos 5
slackware 1
osv 2
debian 3
suse 3
fedora 11
prion 5
veracode 4
checkpoint_advisories 4
seebug 3
ubuntucve 4
cve 5
debiancve 4
openvas
openvas
Ubuntu: Security Advisory (USN-598-1)
2009-03-23 00:00:00
Ubuntu Update for cupsys vulnerabilities USN-598-1
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200804-01 (cups)
2008-09-24 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2008-04-02 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2008-04-01 00:00:00
nessus
nessus
GLSA-200804-01 : CUPS: Multiple vulnerabilities
2008-04-04 00:00:00
CentOS 5 : cups (CESA-2008:0192)
2010-01-06 00:00:00
Oracle Linux 5 : cups (ELSA-2008-0192)
2013-07-12 00:00:00
securityvulns
securityvulns
[USN-598-1] CUPS vulnerabilities
2008-04-03 00:00:00
iDefense Security Advisory 03.18.08: Multiple Vendor CUPS CGI Heap Overflow Vulnerability
2008-03-19 00:00:00
CUPS print system buffer overflow
2008-03-19 00:00:00
oraclelinux
oraclelinux
cups security update
2008-04-01 00:00:00
cups security update
2008-04-01 00:00:00
Important: cups security update
2008-02-21 00:00:00
redhat
redhat
(RHSA-2008:0192) Moderate: cups security update
2008-04-01 00:00:00
(RHSA-2008:0206) Moderate: cups security update
2008-04-01 00:00:00
(RHSA-2008:0157) Important: cups security update
2008-02-21 00:00:00
centos
centos
cups security update
2008-04-02 10:39:09
cups security update
2008-04-01 17:06:38
cups security update
2008-02-23 12:03:27
slackware
slackware
[slackware-security] cups
2008-04-03 07:53:48
osv
osv
cupsys - multiple vulnerabilities
2008-03-25 00:00:00
cupsys - arbitrary code execution
2008-08-01 00:00:00
debian
debian
[SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities
2008-03-25 15:11:39
[SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities
2008-03-25 15:10:49
[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution
2008-08-01 07:52:16
suse
suse
remote code execution in cups
2008-04-04 16:22:43
remote code execution in cups
2008-03-19 10:07:43
remote code execution in cups
2008-03-06 10:52:33
fedora
fedora
[SECURITY] Fedora 7 Update: cups-1.2.12-10.fc7
2008-04-09 05:14:39
[SECURITY] Fedora 7 Update: cups-1.2.12-11.fc7
2008-05-10 13:55:52
[SECURITY] Fedora 8 Update: cups-1.3.6-4.fc8
2008-04-09 05:13:24
prion
prion
Heap overflow
2008-03-18 23:44:00
Double free
2008-02-21 19:44:00
Buffer overflow
2008-03-18 23:44:00
veracode
veracode
Remote Code Execution
2020-04-10 00:20:29
Arbitrary Code Execution
2020-04-10 00:20:33
Arbitrary Code Execution
2020-04-10 00:20:34
checkpoint_advisories
checkpoint_advisories
Multiple Vendor CUPS Administration Interface CGI Heap Overflow (CVE-2008-0047)
2010-01-04 00:00:00
Update Protection against Multiple Vendor CUPS Administration Interface CGI Heap Overflow vulnerability
2008-05-09 00:00:00
Multiple Vendor CUPS GIF Decoding Routine Buffer Overflow (CVE-2008-1373)
2009-10-14 00:00:00
seebug
seebug
CUPS gif_read_lzw()函数GIF文件处理缓冲区溢出漏洞
2008-04-03 00:00:00
CUPS CGI接口远程堆溢出漏洞
2008-03-20 00:00:00
Apple Mac OS X 2008-002更新修复多个安全漏洞
2008-03-20 00:00:00
ubuntucve
ubuntucve
CVE-2008-0047
2008-03-18 00:00:00
CVE-2008-0882
2008-02-21 00:00:00
CVE-2008-0053
2008-03-18 00:00:00
cve
cve
CVE-2008-0047
2008-03-18 23:44:00
CVE-2008-0882
2008-02-21 19:44:00
CVE-2008-0053
2008-03-18 23:44:00
debiancve
debiancve
CVE-2008-0047
2008-03-18 23:44:00
CVE-2008-0882
2008-02-21 19:44:00
CVE-2008-0053
2008-03-18 23:44:00
JSON
Related for UBUNTU_USN-598-1.NASL
openvas77ubuntu1gentoo1nessus39securityvulns6oraclelinux3redhat5centos5slackware1osv2debian3suse3fedora11prion5veracode4checkpoint_advisories4seebug3ubuntucve4cve5debiancve4