{"pluginID": "136141256231065524", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065524", "history": [], "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5019347.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for CUPS\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-client\n cups-libs\n cups\n foomatic-filters\n cups-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019347 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65524\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0801\", \"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for CUPS\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.1.20~108.8\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "bulletinFamily": "scanner", "modified": "2018-04-06T00:00:00", "title": "SLES9: Security update for CUPS", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 7.5}, "cvelist": ["CVE-2004-0558", "CVE-2004-0801"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-client\n cups-libs\n cups\n foomatic-filters\n cups-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019347 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "viewCount": 0, "published": "2009-10-10T00:00:00", "edition": 1, "hash": "eb13ff78f60b4d764259707bcd7c259e579e2f1b4c6a4d6f515681ac5ed4fe2d", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "4e141f46b2738790e6d9974a6a78cbfc"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "e4e1b0555e4d7e64d251e803d4b0996d"}, {"key": "href", "hash": "5148bfd6fba8b97a58b87780cb0ecef4"}, {"key": "modified", "hash": "4fb7fd6149697e74d091717ea3f1ca84"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "08f15d6a9bcbc8226e94407f58ebd767"}, {"key": "published", "hash": "b5690f93a9a8de1997d799545818941e"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "b778055b37159119ce97e96620d4ff56"}, {"key": "sourceData", "hash": "1110f06de207cb19559b951aca74b5b2"}, {"key": "title", "hash": "a274735861c579b9282c587330d9dfce"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "id": "OPENVAS:136141256231065524", "type": "openvas", "lastseen": "2018-04-06T11:38:34", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2018-04-06T11:38:34"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2004-0801", "CVE-2004-0558"]}, {"type": "nessus", "idList": ["SUSE_SA_2004_031.NASL", "SLACKWARE_SSA_2004-266-01.NASL", "FEDORA_2004-275.NASL", "FREEBSD_CUPS_1121.NASL", "DEBIAN_DSA-545.NASL", "GENTOO_GLSA-200409-25.NASL", "FREEBSD_PKG_05DCF751073311D9B45D000C41E2CDAD.NASL", "MANDRAKE_MDKSA-2004-097.NASL", "CUPS_EMPTY_UDP_DOS.NASL", "REDHAT-RHSA-2004-449.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:65524", "OPENVAS:53235", "OPENVAS:53908", "OPENVAS:52387", "OPENVAS:54681", "OPENVAS:136141256231015900", "OPENVAS:136141256231053908", "OPENVAS:54680"]}, {"type": "debian", "idList": ["DEBIAN:DSA-545-1:3A381"]}, {"type": "osvdb", "idList": ["OSVDB:9995", "OSVDB:10000"]}, {"type": "freebsd", "idList": ["05DCF751-0733-11D9-B45D-000C41E2CDAD"]}, {"type": "gentoo", "idList": ["GLSA-200409-25", "GLSA-200409-24"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6819", "SECURITYVULNS:DOC:6820"]}, {"type": "exploitdb", "idList": ["EDB-ID:24599"]}, {"type": "redhat", "idList": ["RHSA-2004:449"]}, {"type": "slackware", "idList": ["SSA-2004-266-01"]}, {"type": "suse", "idList": ["SUSE-SA:2006:026", "SUSE-SA:2004:031"]}], "modified": "2018-04-06T11:38:34"}, "vulnersScore": 6.7}, "objectVersion": "1.3", "references": [], "naslFamily": "SuSE Local Security Checks"}

{"cve": [{"lastseen": "2019-05-29T18:08:03", "bulletinFamily": "NVD", "description": "Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.", "modified": "2017-07-11T01:30:00", "id": "CVE-2004-0801", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0801", "published": "2004-09-16T04:00:00", "title": "CVE-2004-0801", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:08:02", "bulletinFamily": "NVD", "description": "The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.", "modified": "2018-03-13T01:29:00", "id": "CVE-2004-0558", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0558", "published": "2004-09-28T04:00:00", "title": "CVE-2004-0558", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2019-02-21T01:08:06", "bulletinFamily": "scanner", "description": "The remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups).\n\n\nThe Common Unix Printing System (CUPS) enables local and remote users to obtain printing functionallity via the Internet Printing Protocol (IPP).\nAlvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive.\nAdditionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups.\nIt allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.", "modified": "2010-10-06T00:00:00", "id": "SUSE_SA_2004_031.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14730", "published": "2004-09-15T00:00:00", "title": "SUSE-SA:2004:031: cups", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2004:031\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(14730);\n script_version (\"$Revision: 1.10 $\");\n script_bugtraq_id(11183, 11184);\n script_cve_id(\"CVE-2004-0558\", \"CVE-2004-0801\");\n \n name[\"english\"] = \"SUSE-SA:2004:031: cups\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups).\n\n\nThe Common Unix Printing System (CUPS) enables local and remote users to\nobtain printing functionallity via the Internet Printing Protocol (IPP).\nAlvaro Martinez Echevarria has found a remote Denial of Service condition\nwithin CUPS which allows remote users to make the cups server unresponsive.\nAdditionally the SUSE Security Team has discovered a flaw in the\nfoomatic-rip print filter which is commonly installed along with cups.\nIt allows remote attackers, which are listed in the printing ACLs, to\nexecute arbitrary commands as the printing user 'lp'.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/2004_31_cups.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/09/15\");\n script_cvs_date(\"$Date: 2010/10/06 02:47:45 $\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the cups package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2004-2010 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"cups-1.1.15-170\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-libs-1.1.15-170\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-client-1.1.15-170\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-1.1.18-96\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-libs-1.1.18-96\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-client-1.1.18-96\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-1.1.19-93\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-libs-1.1.19-93\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-client-1.1.19-93\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"foomatic-filters-3.0.0-100\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-1.1.20-108.8\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-libs-1.1.20-108.8\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"cups-client-1.1.20-108.8\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"foomatic-filters-3.0.1-41.6\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif (rpm_exists(rpm:\"cups-\", release:\"SUSE8.1\")\n || rpm_exists(rpm:\"cups-\", release:\"SUSE8.2\")\n || rpm_exists(rpm:\"cups-\", release:\"SUSE9.0\")\n || rpm_exists(rpm:\"cups-\", release:\"SUSE9.1\") )\n{\n set_kb_item(name:\"CVE-2004-0558\", value:TRUE);\n set_kb_item(name:\"CVE-2004-0801\", value:TRUE);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:58", "bulletinFamily": "scanner", "description": "The following package needs to be updated: cups-base", "modified": "2004-09-16T00:00:00", "published": "2004-09-16T00:00:00", "id": "FREEBSD_CUPS_1121.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14763", "type": "nessus", "title": "FreeBSD : cups -- print queue browser denial-of-service (27)", "sourceData": "# @DEPRECATED@\n# \n# This script has been deprecated by freebsd_pkg_05dcf751073311d9b45d000c41e2cdad.nasl.\n#\n# Disabled on 2011/10/01.\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This script contains information extracted from VuXML :\n#\n# Copyright 2003-2006 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n#\n#\n\ninclude('compat.inc');\n\nif ( description )\n{\n script_id(14763);\n script_version(\"$Revision: 1.10 $\");\n script_cve_id(\"CVE-2004-0558\");\n\n script_name(english:\"FreeBSD : cups -- print queue browser denial-of-service (27)\");\n\nscript_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update');\nscript_set_attribute(attribute:'description', value:'The following package needs to be updated: cups-base');\nscript_set_attribute(attribute: 'cvss_vector', value: 'CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P');\nscript_set_attribute(attribute:'solution', value: 'Update the package on the remote host');\nscript_set_attribute(attribute: 'see_also', value: 'http://bugs.mysql.com/bug.php?id=3270\nhttp://www.cups.org/str.php?L863\nhttp://www.mantisbt.org/bugs/view.php?id=9533\nhttp://www.phpbb.com/support/documents.php?mode=changelog');\nscript_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/05dcf751-0733-11d9-b45d-000c41e2cdad.html');\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/09/16\");\n script_end_attributes();\n script_summary(english:\"Check for cups-base\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2010 Tenable Network Security, Inc.\");\n family[\"english\"] = \"FreeBSD Local Security Checks\";\n script_family(english:family[\"english\"]);\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/FreeBSD/pkg_info\");\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Refer to plugin #37713 (freebsd_pkg_05dcf751073311d9b45d000c41e2cdad.nasl) instead.\");\n\nglobal_var cvss_score;\ncvss_score=5;\ninclude('freebsd_package.inc');\n\n\npkg_test(pkg:\"cups-base<1.1.21\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:38", "bulletinFamily": "scanner", "description": "New CUPS packages are available for Slackware 9.1, 10.0, and -current to fix a denial of service issue where a malformed packet can crash the CUPS server.", "modified": "2018-08-09T00:00:00", "id": "SLACKWARE_SSA_2004-266-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=18752", "published": "2005-07-13T00:00:00", "title": "Slackware 10.0 / 9.1 / current : CUPS DoS (SSA:2004-266-01)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2004-266-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18752);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/08/09 17:06:37\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_xref(name:\"SSA\", value:\"2004-266-01\");\n\n script_name(english:\"Slackware 10.0 / 9.1 / current : CUPS DoS (SSA:2004-266-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New CUPS packages are available for Slackware 9.1, 10.0, and -current\nto fix a denial of service issue where a malformed packet can crash\nthe CUPS server.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.362106\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce61704a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"cups\", pkgver:\"1.1.21\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"cups\", pkgver:\"1.1.21\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"cups\", pkgver:\"1.1.21\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:07", "bulletinFamily": "scanner", "description": "This update fixes a denial of service problem causing loss of browse services. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0558 to this issue.\n\nIn addition, this update fixes the cupsenable, cupsdisable and accept commands.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-19T00:00:00", "id": "FEDORA_2004-275.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14839", "published": "2004-09-28T00:00:00", "title": "Fedora Core 2 : cups-1.1.20-11.3 (2004-275)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2004-275.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14839);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 23:19:04\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_xref(name:\"FEDORA\", value:\"2004-275\");\n\n script_name(english:\"Fedora Core 2 : cups-1.1.20-11.3 (2004-275)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a denial of service problem causing loss of browse\nservices. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0558 to this issue.\n\nIn addition, this update fixes the cupsenable, cupsdisable and accept\ncommands.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-September/000308.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf6ee546\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"cups-1.1.20-11.3\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"cups-debuginfo-1.1.20-11.3\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"cups-devel-1.1.20-11.3\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"cups-libs-1.1.20-11.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-debuginfo / cups-devel / cups-libs\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:17", "bulletinFamily": "scanner", "description": "The target is running a CUPS server that supports browsing of network printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing feature can be disabled by sending an empty UDP datagram to the CUPS server.", "modified": "2018-07-06T00:00:00", "id": "CUPS_EMPTY_UDP_DOS.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15900", "published": "2004-12-03T00:00:00", "title": "CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS", "type": "nessus", "sourceData": "#\n# This script was written by George A. Theall, <theall@tifaware.com>.\n#\n# See the Nessus Scripts License for details.\n#\n\n\ninclude(\"compat.inc\");\n\nif (description) {\n script_id(15900);\n script_version(\"1.14\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_bugtraq_id(11183);\n\n script_name(english:\"CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote print server is affected by a denial of service \nvulnerability.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The target is running a CUPS server that supports browsing of network\nprinters and that is vulnerable to a limited type of denial of service\nattack. Specifically, the browsing feature can be disabled by sending\nan empty UDP datagram to the CUPS server.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.cups.org/str.php?L863\" );\n script_set_attribute(attribute:\"see_also\", value:\"ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm\" );\n # ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0ff4652a\" );\n script_set_attribute(attribute:\"see_also\", value:\"ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.15/SCOSA-2004.15.txt\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to CUPS 1.1.21rc2 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/12/03\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2004/09/16\");\n script_cvs_date(\"Date: 2018/07/06 11:26:08\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:cups\");\nscript_end_attributes();\n\n\n summary[\"english\"] = \"Checks for Empty UDP Datagram DoS Vulnerability in CUPS\";\n script_summary(english:summary[\"english\"]);\n\n script_category(ACT_DENIAL);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 George A. Theall\");\n script_family(english:\"Misc.\");\n script_dependencie(\"find_service1.nasl\", \"global_settings.nasl\", \"http_version.nasl\");\n script_require_keys(\"www/cups\");\n script_require_ports(\"Services/www\", 631);\n script_require_udp_ports(631);\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"misc_func.inc\");\n\n\n# This function tries to add a printer using the browsing feature.\n#\n# Args:\n# o port, CUPS port number (note: both tcp and udp port # are assumed equal)\n# o name, a name for the printer\n# o desc, a description of the printer.\n#\n# Return:\n# 1 if successful, 0 otherwise.\nfunction add_printer(port, name, desc) {\n local_var packet, req, res, soc, url;\n\n if (! get_udp_port_state(port)) return 0;\n\n # CUPS Browsing Protocol is detailed at <http://www.cups.org/idd.html#4_2>.\n packet = string(\n \"6 \", # Type (remote printer w/o colour)\n \"3 \", # State (idle)\n \"ipp://example.com:\", port, \"/printers/\", name, \" \", # URI\n '\"n/a\" ', # Location\n '\"', desc, '\" ', # Information\n '\"n/a\"' # Make and model\n );\n if (debug_level) display(\"debug: sending '\", packet, \"'.\\n\");\n soc = open_sock_udp(port);\n # nb: open_sock_udp is unlikely to fail - after all, this is udp.\n if (!soc) return 0;\n send(socket:soc, data:string(packet, \"\\n\"));\n close(soc);\n\n # Check whether cupsd knows about the printer now.\n url = string(\"/printers/\", name);\n if (debug_level) display(\"debug: checking '\", url, \"'.\\n\");\n req = http_get(item:url, port:port);\n res = http_keepalive_send_recv(port:port, data:req);\n if (res == NULL) return(0); # can't connect\n if (debug_level) display(\"debug: received '\", res, \"'.\\n\");\n if (egrep(string:res, pattern:string(\"Description: \", desc))) return 1;\n return 0;\n}\n\n\nhost = get_host_name();\nports = add_port_in_list(list:get_kb_list(\"Services/www\"), port:631);\nforeach port (ports) {\n # Look at port only if it corresponds to a CUPS server.\n banner = get_http_banner(port:port);\n if (egrep(string:banner, pattern:\"Server: CUPS\")) {\n if (debug_level) display(\"debug: checking for empty UDP datagram DoS vulnerability in CUPS on \", host, \":\", port, \".\\n\");\n\n # NB: since ICMP unreachable are easily dropped by firewalls, we can't\n # simply probe the UDP port: doing so would risk false positives.\n # So, we'll try adding a printer using the browsing protocol and\n # check whether it was indeed added.\n rc = add_printer(port:port, name:\"nasl_test1\", desc:\"NASL Plugin Test #1\");\n\n if (rc == 1) {\n if (debug_level) display(\"debug: browsing works; sending empty datagram.\\n\");\n soc = open_sock_udp(port);\n # nb: open_sock_udp is unlikely to fail - after all, this is udp.\n if (!soc) exit(0);\n send(socket:soc, data:\"\");\n close(soc);\n # NB: if browsing is disabled, cups error log will have lines like:\n # Oct 6 16:28:18 salt cupsd[26671]: Browse recv failed - No such file or directory.\n # Oct 6 16:28:18 salt cupsd[26671]: Browsing turned off.\n\n # Check whether browsing is still enabled.\n if (debug_level) display(\"debug: testing if port is still open.\\n\");\n rc = add_printer(port:port, name:\"nasl_test2\", desc:\"NASL Plugin Test #2\");\n if (rc == 0) {\n if (debug_level) display(\"debug: looks like the browser was disabled.\\n\");\n security_warning(port:port, proto:\"udp\");\n }\n }\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:06", "bulletinFamily": "scanner", "description": "Alvaro Martinez Echevarria discovered a vulnerability in the CUPS print server where an empty UDP datagram sent to port 631 (the default port that cupsd listens to) would disable browsing. This would prevent cupsd from seeing any remote printers or any future remote printer changes.\n\nThe updated packages are patched to protect against this vulnerability.", "modified": "2018-07-19T00:00:00", "id": "MANDRAKE_MDKSA-2004-097.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14753", "published": "2004-09-16T00:00:00", "title": "Mandrake Linux Security Advisory : cups (MDKSA-2004:097)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:097. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14753);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2018/07/19 20:59:13\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_xref(name:\"MDKSA\", value:\"2004:097\");\n\n script_name(english:\"Mandrake Linux Security Advisory : cups (MDKSA-2004:097)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alvaro Martinez Echevarria discovered a vulnerability in the CUPS\nprint server where an empty UDP datagram sent to port 631 (the default\nport that cupsd listens to) would disable browsing. This would prevent\ncupsd from seeing any remote printers or any future remote printer\nchanges.\n\nThe updated packages are patched to protect against this\nvulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.cups.org/str.php?L863\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-serial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"cups-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"cups-common-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"cups-serial-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64cups2-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64cups2-devel-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libcups2-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libcups2-devel-1.1.20-5.1.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"cups-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"cups-common-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"cups-serial-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64cups2-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64cups2-devel-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libcups2-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libcups2-devel-1.1.19-10.1.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:06", "bulletinFamily": "scanner", "description": "Updated cups packages that fix a denial of service vulnerability are now available.\n\nThe Common UNIX Printing System (CUPS) is a print spooler.\n\nAlvaro Martinez Echevarria reported a bug in the CUPS Internet Printing Protocol (IPP) implementation in versions of CUPS prior to 1.1.21. An attacker could send a carefully crafted UDP packet to the IPP port which could cause CUPS to stop listening to the port and result in a denial of service. In order to exploit this bug, an attacker would need to have the ability to send a UDP packet to the IPP port (by default 631). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0558 to this issue.\n\nAll users of cups should upgrade to these updated packages, which contain a backported patch as well as a fix for a non-exploitable off-by-one bug.", "modified": "2018-12-20T00:00:00", "id": "REDHAT-RHSA-2004-449.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14737", "published": "2004-09-15T00:00:00", "title": "RHEL 3 : cups (RHSA-2004:449)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:449. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14737);\n script_version (\"1.24\");\n script_cvs_date(\"Date: 2018/12/20 11:08:45\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_xref(name:\"RHSA\", value:\"2004:449\");\n\n script_name(english:\"RHEL 3 : cups (RHSA-2004:449)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix a denial of service vulnerability are\nnow available.\n\nThe Common UNIX Printing System (CUPS) is a print spooler.\n\nAlvaro Martinez Echevarria reported a bug in the CUPS Internet\nPrinting Protocol (IPP) implementation in versions of CUPS prior to\n1.1.21. An attacker could send a carefully crafted UDP packet to the\nIPP port which could cause CUPS to stop listening to the port and\nresult in a denial of service. In order to exploit this bug, an\nattacker would need to have the ability to send a UDP packet to the\nIPP port (by default 631). The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2004-0558 to this\nissue.\n\nAll users of cups should upgrade to these updated packages, which\ncontain a backported patch as well as a fix for a non-exploitable\noff-by-one bug.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0558\"\n );\n # http://www.cups.org/str.php?L863\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/apple/cups/issues/863\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:449\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cups, cups-devel and / or cups-libs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:449\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-1.1.17-13.3.13\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-devel-1.1.17-13.3.13\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-libs-1.1.17-13.3.13\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:11:48", "bulletinFamily": "scanner", "description": "If the CUPS server (cupsd) receives a zero-length UDP message, it will disable its print queue browser service.", "modified": "2018-12-19T00:00:00", "id": "FREEBSD_PKG_05DCF751073311D9B45D000C41E2CDAD.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=37713", "published": "2009-04-23T00:00:00", "title": "FreeBSD : cups -- print queue browser denial-of-service (05dcf751-0733-11d9-b45d-000c41e2cdad)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37713);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/12/19 13:21:17\");\n\n script_cve_id(\"CVE-2004-0558\");\n\n script_name(english:\"FreeBSD : cups -- print queue browser denial-of-service (05dcf751-0733-11d9-b45d-000c41e2cdad)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"If the CUPS server (cupsd) receives a zero-length UDP message, it will\ndisable its print queue browser service.\"\n );\n # http://www.cups.org/str.php?L863\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/apple/cups/issues/863\"\n );\n # https://vuxml.freebsd.org/freebsd/05dcf751-0733-11d9-b45d-000c41e2cdad.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?87ca2615\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:cups-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/08/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"cups-base<1.1.21\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:12", "bulletinFamily": "scanner", "description": "Alvaro Martinez Echevarria discovered a problem in CUPS, the Common UNIX Printing System. An attacker can easily disable browsing in CUPS by sending a specially crafted UDP datagram to port 631 where cupsd is running.", "modified": "2018-08-09T00:00:00", "id": "DEBIAN_DSA-545.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15382", "published": "2004-09-29T00:00:00", "title": "Debian DSA-545-1 : cupsys - denial of service", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-545. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15382);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/08/09 17:06:36\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_xref(name:\"DSA\", value:\"545\");\n\n script_name(english:\"Debian DSA-545-1 : cupsys - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alvaro Martinez Echevarria discovered a problem in CUPS, the Common\nUNIX Printing System. An attacker can easily disable browsing in CUPS\nby sending a specially crafted UDP datagram to port 631 where cupsd is\nrunning.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-545\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cups packages.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.1.14-5woody6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cupsys\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"cupsys\", reference:\"1.1.14-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"cupsys-bsd\", reference:\"1.1.14-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"cupsys-client\", reference:\"1.1.14-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"cupsys-pstoraster\", reference:\"1.1.14-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libcupsys2\", reference:\"1.1.14-5woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libcupsys2-dev\", reference:\"1.1.14-5woody6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:06", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200409-25 (CUPS: Denial of service vulnerability)\n\n Alvaro Martinez Echevarria discovered a hole in the CUPS Internet Printing Protocol (IPP) implementation that allows remote attackers to cause CUPS to stop listening on the IPP port.\n Impact :\n\n A remote user with malicious intent can easily cause a denial of service to the CUPS daemon by sending a specially crafted UDP datagram packet to the IPP port.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-12-18T00:00:00", "id": "GENTOO_GLSA-200409-25.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=14780", "published": "2004-09-21T00:00:00", "title": "GLSA-200409-25 : CUPS: Denial of service vulnerability", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200409-25.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14780);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/12/18 10:18:58\");\n\n script_cve_id(\"CVE-2004-0558\");\n script_xref(name:\"GLSA\", value:\"200409-25\");\n\n script_name(english:\"GLSA-200409-25 : CUPS: Denial of service vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200409-25\n(CUPS: Denial of service vulnerability)\n\n Alvaro Martinez Echevarria discovered a hole in the CUPS Internet Printing\n Protocol (IPP) implementation that allows remote attackers to cause CUPS to\n stop listening on the IPP port.\n \nImpact :\n\n A remote user with malicious intent can easily cause a denial of service to\n the CUPS daemon by sending a specially crafted UDP datagram packet to the\n IPP port.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://www.cups.org/str.php?L863\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/apple/cups/issues/863\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200409-25\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All CUPS users should upgrade to the latest version:\n # emerge sync\n # emerge -pv '>=net-print/cups-1.1.20-r2'\n # emerge '>=net-print/cups-1.1.20-r2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-print/cups\", unaffected:make_list(\"ge 1.1.20-r2\"), vulnerable:make_list(\"lt 1.1.20-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"CUPS\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-26T08:55:39", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-client\n cups-libs\n cups\n foomatic-filters\n cups-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019347 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65524", "id": "OPENVAS:65524", "title": "SLES9: Security update for CUPS", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5019347.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for CUPS\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n cups-client\n cups-libs\n cups\n foomatic-filters\n cups-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5019347 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65524);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0801\", \"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for CUPS\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"cups-client\", rpm:\"cups-client~1.1.20~108.8\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:03", "bulletinFamily": "scanner", "description": "The remote host is missing an update to cupsys\nannounced via advisory DSA 545-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53235", "id": "OPENVAS:53235", "title": "Debian Security Advisory DSA 545-1 (cupsys)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_545_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 545-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Alvaro Martinez Echevarria discovered a problem in CUPS, the Common\nUNIX Printing System. An attacker can easily disable browsing in CUPS\nby sending a specially crafted UDP datagram to port 631 where cupsd is\nrunning.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.1.14-5woody6.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion cupsys_1.1.20final+rc1-6.\n\nWe recommend that you upgrade your cups packages.\";\ntag_summary = \"The remote host is missing an update to cupsys\nannounced via advisory DSA 545-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20545-1\";\n\nif(description)\n{\n script_id(53235);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:45:44 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(11183);\n script_cve_id(\"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 545-1 (cupsys)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cupsys\", ver:\"1.1.14-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-bsd\", ver:\"1.1.14-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-client\", ver:\"1.1.14-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cupsys-pstoraster\", ver:\"1.1.14-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2\", ver:\"1.1.14-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcupsys2-dev\", ver:\"1.1.14-5woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:57", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-266-01.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53908", "id": "OPENVAS:53908", "title": "Slackware Advisory SSA:2004-266-01 CUPS DoS", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_266_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New CUPS packages are available for Slackware 9.1, 10.0, and -current to\nfix a denial of service issue where a malformed packet can crash the\nCUPS server.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2004-266-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-266-01\";\n \nif(description)\n{\n script_id(53908);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_bugtraq_id(11183);\n script_cve_id(\"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2004-266-01 CUPS DoS \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"cups\", ver:\"1.1.21-i486-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"cups\", ver:\"1.1.21-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:31:57", "bulletinFamily": "scanner", "description": "The target is running a CUPS server that supports browsing of network\n printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing\n feature can be disabled by sending an empty UDP datagram to the CUPS server.", "modified": "2019-03-04T00:00:00", "published": "2005-11-03T00:00:00", "id": "OPENVAS:136141256231015900", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231015900", "title": "CUPS Empty UDP Datagram DoS Vulnerability", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: cups_empty_udp_dos.nasl 13975 2019-03-04 09:32:08Z cfischer $\n#\n# CUPS Empty UDP Datagram DoS Vulnerability\n#\n# Authors:\n# George A. Theall, <theall@tifaware.com>\n#\n# Copyright:\n# Copyright (C) 2004 George A. Theall\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:cups\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.15900\");\n script_version(\"$Revision: 13975 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-04 10:32:08 +0100 (Mon, 04 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2004-0558\");\n script_bugtraq_id(11183);\n script_xref(name:\"OSVDB\", value:\"9995\");\n script_name(\"CUPS Empty UDP Datagram DoS Vulnerability\");\n script_category(ACT_DENIAL);\n script_copyright(\"This script is Copyright (C) 2004 George A. Theall\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_cups_detect.nasl\");\n script_require_ports(\"Services/www\", 631);\n script_mandatory_keys(\"CUPS/installed\");\n script_require_udp_ports(631);\n\n script_tag(name:\"solution\", value:\"Upgrade to CUPS 1.1.21rc2 or later.\");\n\n script_tag(name:\"summary\", value:\"The target is running a CUPS server that supports browsing of network\n printers and that is vulnerable to a limited type of denial of service attack. Specifically, the browsing\n feature can be disabled by sending an empty UDP datagram to the CUPS server.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_analysis\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\n\n# This function tries to add a printer using the browsing feature.\n#\n# Args:\n# o port, CUPS port number (note: both tcp and udp port # are assumed equal)\n# o name, a name for the printer\n# o desc, a description of the printer.\n#\n# Return:\n# 1 if successful, 0 otherwise.\nfunction add_printer( port, name, desc ) {\n\n local_var packet, req, res, soc, url, port, name, desc;\n\n # CUPS Browsing Protocol is detailed at <http://www.cups.org/idd.html#4_2>.\n packet = string(\n \"6 \", # Type (remote printer w/o colour)\n \"3 \", # State (idle)\n \"ipp://example.com:\", port, \"/printers/\", name, \" \", # URI\n '\"n/a\" ', # Location\n '\"', desc, '\" ', # Information\n '\"n/a\"' # Make and model\n );\n soc = open_sock_udp( port );\n # nb: open_sock_udp is unlikely to fail - after all, this is udp.\n if( ! soc )\n return FALSE;\n\n send( socket:soc, data:string( packet, \"\\n\" ) );\n close( soc );\n\n url = string( \"/printers/\", name );\n\n req = http_get( item:url, port:port );\n res = http_keepalive_send_recv( port:port, data:req );\n if(!res)\n return FALSE; # can't connect\n\n if( egrep( string:res, pattern:string( \"Description: \", desc ) ) )\n return TRUE;\n else\n return FALSE;\n}\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! get_app_location( cpe:CPE, port:port ) )\n exit( 0 );\n\nvtstrings = get_vt_strings();\nhost = http_host_name( port:port );\n\n# NB: since ICMP unreachable are easily dropped by firewalls, we can't\n# simply probe the UDP port: doing so would risk false positives.\n# So, we'll try adding a printer using the browsing protocol and\n# check whether it was indeed added.\nrc = add_printer( port:port, name:vtstrings[\"lowercase\"] + \"_test1\", desc:vtstrings[\"default\"] + \" Test #1\" );\n\nif( rc ) {\n\n soc = open_sock_udp( port );\n # nb: open_sock_udp is unlikely to fail - after all, this is udp.\n if( ! soc )\n exit( 0 );\n\n send( socket:soc, data:\"\" );\n close( soc );\n # NB: if browsing is disabled, cups error log will have lines like:\n # Oct 6 16:28:18 salt cupsd[26671]: Browse recv failed - No such file or directory.\n # Oct 6 16:28:18 salt cupsd[26671]: Browsing turned off.\n\n rc = add_printer( port:port, name:vtstrings[\"lowercase\"] + \"_test2\", desc:vtstrings[\"default\"] + \" Test #2\" );\n if( ! rc ) {\n security_message( port:port, proto:\"udp\" );\n exit ( 0 );\n }\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:48", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2004-266-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231053908", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231053908", "title": "Slackware Advisory SSA:2004-266-01 CUPS DoS", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2004_266_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.53908\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_bugtraq_id(11183);\n script_cve_id(\"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2004-266-01 CUPS DoS\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.1|10\\.0)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2004-266-01\");\n\n script_tag(name:\"insight\", value:\"New CUPS packages are available for Slackware 9.1, 10.0, and -current to\nfix a denial of service issue where a malformed packet can crash the\nCUPS server.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2004-266-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"cups\", ver:\"1.1.21-i486-1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"cups\", ver:\"1.1.21-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:50:04", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200409-25.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54681", "id": "OPENVAS:54681", "title": "Gentoo Security Advisory GLSA 200409-25 (CUPS)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in CUPS allows remote attackers to cause a denial of\nservice when sending a carefully-crafted UDP packet to the IPP port.\";\ntag_solution = \"All CUPS users should upgrade to the latest version:\n\n # emerge sync\n\n # emerge -pv '>=net-print/cups-1.1.20-r2'\n # emerge '>=net-print/cups-1.1.20-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200409-25\nhttp://bugs.gentoo.org/show_bug.cgi?id=64168\nhttp://www.cups.org/str.php?L863\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200409-25.\";\n\n \n\nif(description)\n{\n script_id(54681);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(11183);\n script_cve_id(\"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200409-25 (CUPS)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-print/cups\", unaffected: make_list(\"ge 1.1.20-r2\"), vulnerable: make_list(\"lt 1.1.20-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-16T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52387", "id": "OPENVAS:52387", "title": "FreeBSD Ports: cups-base", "type": "openvas", "sourceData": "#\n#VID 05dcf751-0733-11d9-b45d-000c41e2cdad\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: cups-base\n\nCVE-2004-0558\nThe Internet Printing Protocol (IPP) implementation in CUPS before\n1.1.21 allows remote attackers to cause a denial of service (service\nhang) via a certain UDP packet to the IPP port.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.cups.org/str.php?L863\nhttp://www.vuxml.org/freebsd/05dcf751-0733-11d9-b45d-000c41e2cdad.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52387);\n script_version(\"$Revision: 4078 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-16 07:34:17 +0200 (Fri, 16 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(11183);\n script_cve_id(\"CVE-2004-0558\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: cups-base\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"cups-base\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.21\")<0) {\n txt += 'Package cups-base version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:05", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200409-24.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54680", "id": "OPENVAS:54680", "title": "Gentoo Security Advisory GLSA 200409-24 (foomatic)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The foomatic-rip filter in foomatic-filters contains a vulnerability which\nmay allow arbitrary command execution on the print server.\";\ntag_solution = \"All foomatic users should upgrade to the latest version:\n\n # emerge sync\n\n # emerge -pv '>=net-print/foomatic-3.0.2'\n # emerge '>=net-print/foomatic-3.0.2'\n\nPLEASE NOTE: You should update foomatic, instead of foomatic-filters. This\nwill help to ensure that all other foomatic components remain functional.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200409-24\nhttp://bugs.gentoo.org/show_bug.cgi?id=64166\nhttp://www.linuxprinting.org/pipermail/foomatic-devel/2004q3/001996.html\nhttp://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200409-24.\";\n\n \n\nif(description)\n{\n script_id(54680);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-0801\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200409-24 (foomatic)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-print/foomatic\", unaffected: make_list(\"ge 3.0.2\"), vulnerable: make_list(\"le 3.0.1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"net-print/foomatic-filters\", unaffected: make_list(\"ge 3.0.2\"), vulnerable: make_list(\"le 3.0.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:05", "bulletinFamily": "software", "description": "## Vulnerability Description\nCUPS contains a flaw that may allow a remote denial of service. The issue is triggered when an empty UDP packet is sent to port 631 and will result in loss of availability for the cupsd.\n## Solution Description\nUpgrade to version 1.1.21rc2 or higher, as it has been reported to fix this vulnerability. Additionally, a patch has been provided to mitigate this issue.\n## Short Description\nCUPS contains a flaw that may allow a remote denial of service. The issue is triggered when an empty UDP packet is sent to port 631 and will result in loss of availability for the cupsd.\n## Manual Testing Notes\nnmap -sU -p 631 victim.com\n\nThe CUPS error log should read:\n\nBrowse recv failed - No such file or directory.\nBrowsing turned off.\n## References:\nVendor URL: http://www.cups.org\n[Vendor Specific Advisory URL](http://docs.info.apple.com/article.html?artnum=61798)\n[Vendor Specific Advisory URL](https://rhn.redhat.com/errata/RHSA-2004-449.html)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm)\n[Vendor Specific Advisory URL](ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt)\nSecurity Tracker: 1011283\n[Secunia Advisory ID:12566](https://secuniaresearch.flexerasoftware.com/advisories/12566/)\n[Secunia Advisory ID:12603](https://secuniaresearch.flexerasoftware.com/advisories/12603/)\n[Secunia Advisory ID:12626](https://secuniaresearch.flexerasoftware.com/advisories/12626/)\n[Secunia Advisory ID:12690](https://secuniaresearch.flexerasoftware.com/advisories/12690/)\n[Secunia Advisory ID:12812](https://secuniaresearch.flexerasoftware.com/advisories/12812/)\n[Secunia Advisory ID:17645](https://secuniaresearch.flexerasoftware.com/advisories/17645/)\n[Secunia Advisory ID:12558](https://secuniaresearch.flexerasoftware.com/advisories/12558/)\n[Secunia Advisory ID:12559](https://secuniaresearch.flexerasoftware.com/advisories/12559/)\n[Secunia Advisory ID:12571](https://secuniaresearch.flexerasoftware.com/advisories/12571/)\n[Secunia Advisory ID:12681](https://secuniaresearch.flexerasoftware.com/advisories/12681/)\n[Secunia Advisory ID:12556](https://secuniaresearch.flexerasoftware.com/advisories/12556/)\n[Secunia Advisory ID:12830](https://secuniaresearch.flexerasoftware.com/advisories/12830/)\nOther Solution URL: http://www.informatik.uni-bremen.de/~jmm/sec/cups-dos-security.patch\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:097\nOther Advisory URL: http://www.suse.com/de/security/2004_31_cups.html\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200409-25.xml\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000872\nOther Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.362106\nOther Advisory URL: http://www.debian.org/security/2004/dsa-545\nOther Advisory URL: http://www.suse.de/de/security/2004_31_cups.html\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.15/SCOSA-2004.15.txt\nOther Advisory URL: http://www.cups.org/str.php?L863\n[Nessus Plugin ID:14737](https://vulners.com/search?query=pluginID:14737)\n[Nessus Plugin ID:14780](https://vulners.com/search?query=pluginID:14780)\n[Nessus Plugin ID:14839](https://vulners.com/search?query=pluginID:14839)\n[Nessus Plugin ID:14753](https://vulners.com/search?query=pluginID:14753)\nKeyword: SCOSA-2005.49\nKeyword: UDP Port 631,DSA-545-1,MDKSA-2004:097,SUSE-SA:2004:031 \nISS X-Force ID: 17389\n[CVE-2004-0558](https://vulners.com/cve/CVE-2004-0558)\n", "modified": "2004-09-16T07:45:47", "published": "2004-09-16T07:45:47", "href": "https://vulners.com/osvdb/OSVDB:9995", "id": "OSVDB:9995", "type": "osvdb", "title": "CUPS Empty UDP Datagram DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:05", "bulletinFamily": "software", "description": "## Vulnerability Description\nFoomatic contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when command-lines and environment variables in the foomatic-rip print filter are not sufficiently validated. This flaw may lead to a loss of integrity.\n## Solution Description\nUpgrade to version 3.0.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nFoomatic contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when command-lines and environment variables in the foomatic-rip print filter are not sufficiently validated. This flaw may lead to a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://lists.suse.com/archive/suse-security-announce/2006-May/0007.html)\nSecurity Tracker: 1011290\n[Secunia Advisory ID:13011](https://secuniaresearch.flexerasoftware.com/advisories/13011/)\n[Secunia Advisory ID:14175](https://secuniaresearch.flexerasoftware.com/advisories/14175/)\n[Secunia Advisory ID:20312](https://secuniaresearch.flexerasoftware.com/advisories/20312/)\n[Secunia Advisory ID:12557](https://secuniaresearch.flexerasoftware.com/advisories/12557/)\n[Secunia Advisory ID:12567](https://secuniaresearch.flexerasoftware.com/advisories/12567/)\n[Secunia Advisory ID:12591](https://secuniaresearch.flexerasoftware.com/advisories/12591/)\n[Secunia Advisory ID:12610](https://secuniaresearch.flexerasoftware.com/advisories/12610/)\nOther Advisory URL: http://www.suse.com/de/security/2004_31_cups.html\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000880\nOther Advisory URL: http://www.linuxprinting.org/pipermail/foomatic-devel/2004q3/001996.html\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:094\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200409-24.xml\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt\n[Nessus Plugin ID:14750](https://vulners.com/search?query=pluginID:14750)\n[Nessus Plugin ID:14789](https://vulners.com/search?query=pluginID:14789)\n[Nessus Plugin ID:14779](https://vulners.com/search?query=pluginID:14779)\n[CVE-2004-0801](https://vulners.com/cve/CVE-2004-0801)\n", "modified": "2004-09-14T00:00:00", "published": "2004-09-14T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:10000", "id": "OSVDB:10000", "type": "osvdb", "title": "Foomatic foomatic-rip Filter Command Execution", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:35:12", "bulletinFamily": "unix", "description": "\nIf the CUPS server (cupsd) receives a zero-length UDP\n\t message, it will disable its print queue browser service.\n", "modified": "2004-08-23T00:00:00", "published": "2004-08-23T00:00:00", "id": "05DCF751-0733-11D9-B45D-000C41E2CDAD", "href": "https://vuxml.freebsd.org/freebsd/05dcf751-0733-11d9-b45d-000c41e2cdad.html", "title": "cups -- print queue browser denial-of-service", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:21:34", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 545-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nSeptember 15th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : cupsys\nVulnerability : denial of service\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-0558\n\nAlvaro Martinez Echevarria discovered a problem in CUPS, the Common\nUNIX Printing System. An attacker can easily disable browsing in CUPS\nby sending a specially crafted UDP datagram to port 631 where cupsd is\nrunning.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.1.14-5woody6.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion cupsys_1.1.20final+rc1-6.\n\nWe recommend that you upgrade your cups packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6.dsc\n Size/MD5 checksum: 710 a07b12e56c064cc392408b4cd35297ec\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6.diff.gz\n Size/MD5 checksum: 37466 a3a4e41f61264d96f454e90ba4b5f1b2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14.orig.tar.gz\n Size/MD5 checksum: 6150756 0dfa41f29fa73e7744903b2471d2ca2f\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_alpha.deb\n Size/MD5 checksum: 1899360 f215d659dec85338570effe22d1ed2d6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_alpha.deb\n Size/MD5 checksum: 74074 0768333965c953b7b4c4e753e5faf1f0\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_alpha.deb\n Size/MD5 checksum: 92724 1cfaeb0a068ee8b746354c4c70a17241\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_alpha.deb\n Size/MD5 checksum: 2445566 ffd962bb1528991357378aa3687723c0\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_alpha.deb\n Size/MD5 checksum: 137730 90376f68cf54ad34612d5684bccf22b3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_alpha.deb\n Size/MD5 checksum: 180676 34a42174524a51bcd4f47f1d7fa8144f\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_arm.deb\n Size/MD5 checksum: 1821354 9075d071f37fc9f12c7c2e198bc4d11d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_arm.deb\n Size/MD5 checksum: 68208 3ef56fd8fa630f466135c031a7a92242\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_arm.deb\n Size/MD5 checksum: 85392 d7b701513b6625243a959a0fc642f500\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_arm.deb\n Size/MD5 checksum: 2345556 0adb9cd8ec0545e78a2b6e22ae6da85f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_arm.deb\n Size/MD5 checksum: 112704 b8015d9c950665b0c7e20473f5a5dded\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_arm.deb\n Size/MD5 checksum: 150136 a85d1577cccfa88d18eb3cc9925b158c\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_i386.deb\n Size/MD5 checksum: 1788040 ad9376585f934dd43ddd14a0efa24e38\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_i386.deb\n Size/MD5 checksum: 67712 f661bca82a2c3041ba8c264902d71da9\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_i386.deb\n Size/MD5 checksum: 83866 5650f15f66e3b4b1f7eb28d531be6655\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_i386.deb\n Size/MD5 checksum: 2311690 ade7b27e7a5ac5b447ea86d2a0f7da0b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_i386.deb\n Size/MD5 checksum: 110720 26daaa4bda276fc01ad1dec18a9e6246\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_i386.deb\n Size/MD5 checksum: 136290 89cdd3c3040084ddca0957cb358e7ee2\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_ia64.deb\n Size/MD5 checksum: 2007500 78ffbb37d23cc9a17b6d4f69a4ede6d2\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_ia64.deb\n Size/MD5 checksum: 77106 2ec1eb32c757b287e7968fcd29e5f4f1\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_ia64.deb\n Size/MD5 checksum: 96862 59534ee68008b087f7898569eecba0d6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_ia64.deb\n Size/MD5 checksum: 2656502 6f4963047d424a11b1a753fa7f964e4e\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_ia64.deb\n Size/MD5 checksum: 155700 d014b6fa8a66598ac561ce3976f920a3\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_ia64.deb\n Size/MD5 checksum: 182670 bb59c120ec4da8bb805d76787a6649e4\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_hppa.deb\n Size/MD5 checksum: 1881226 fb118c844cfdb7f6dd9e8f0112c5aa93\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_hppa.deb\n Size/MD5 checksum: 70512 4e989a1423e889292f12d3e224606516\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_hppa.deb\n Size/MD5 checksum: 89532 e600d34e6f5899fea345ac3c6c583ff6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_hppa.deb\n Size/MD5 checksum: 2455674 bf2076d60f3ff5275652a0e9c0c39264\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_hppa.deb\n Size/MD5 checksum: 126338 a976066dd66a391db93ca10b26175a9d\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_hppa.deb\n Size/MD5 checksum: 159268 cbf07f66309b72985528a509a4deab73\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_m68k.deb\n Size/MD5 checksum: 1754648 5c2029510c1fa709c47e7ff46d8de814\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_m68k.deb\n Size/MD5 checksum: 65992 0cd2e5053aa6a299abe2d7afb6bfc2fb\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_m68k.deb\n Size/MD5 checksum: 81098 7c19ade6475957b7b718380f8a58ee73\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_m68k.deb\n Size/MD5 checksum: 2261102 3031b40b3d90f1b6a6a80c2b626013c5\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_m68k.deb\n Size/MD5 checksum: 105946 79faaf339c0982baaba6848d736ac2fc\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_m68k.deb\n Size/MD5 checksum: 128508 304b48deb19c4975a39baf68d4108cfe\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_mips.deb\n Size/MD5 checksum: 1811166 63316c5c5216aaa4ff28962b479c374f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_mips.deb\n Size/MD5 checksum: 67630 323139073dce81bf159f41830023ccc6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_mips.deb\n Size/MD5 checksum: 81064 7c4feb7d5d27abe2688903eac8c22a79\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_mips.deb\n Size/MD5 checksum: 2404372 0db437ad25beaa39224f5466a704bb49\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_mips.deb\n Size/MD5 checksum: 112498 6fd8048438c21e99ebff7eb7ea6af835\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_mips.deb\n Size/MD5 checksum: 150964 466cb076e1d06e1032143675171d4986\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_mipsel.deb\n Size/MD5 checksum: 1811650 7da825f32fb70cdb41a3f30da4f34e71\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_mipsel.deb\n Size/MD5 checksum: 67602 4571b05b1a7b6a1d3a0d8dbedc071c5c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_mipsel.deb\n Size/MD5 checksum: 81084 aba46d5e79fb1feb7808b864d4415a56\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_mipsel.deb\n Size/MD5 checksum: 2406732 d7c7674cb01f7dcaae94c30035a2395b\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_mipsel.deb\n Size/MD5 checksum: 112284 042425fa79583bd196a39bd18023c578\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_mipsel.deb\n Size/MD5 checksum: 150744 91bb5b8993e1a1a7616d44e31ab6f7c8\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_powerpc.deb\n Size/MD5 checksum: 1800042 6bbbb0187ffa85235f79102fc57c14bb\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_powerpc.deb\n Size/MD5 checksum: 67616 f93ce6c4ff46c8ba0b0a9a23d7d0ae63\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_powerpc.deb\n Size/MD5 checksum: 83186 57dce89627c85210935171ae87a342ad\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_powerpc.deb\n Size/MD5 checksum: 2359516 cb59819be590ef13a3e2992b2cc45859\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_powerpc.deb\n Size/MD5 checksum: 116502 1b65cba959b9d238c12ae97f38617de0\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_powerpc.deb\n Size/MD5 checksum: 144954 c993a822fdcfbe1b8f7378c5af76b015\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_s390.deb\n Size/MD5 checksum: 1795432 bd0bac0bf25153570378024d0f8d3ba7\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_s390.deb\n Size/MD5 checksum: 68996 e8a7d3f58145a295eb0d48940552269f\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_s390.deb\n Size/MD5 checksum: 85726 d751455c2423b4ec6725fbdfac2b6204\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_s390.deb\n Size/MD5 checksum: 2337350 cd84ea419933e75ecba143cf704c96ca\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_s390.deb\n Size/MD5 checksum: 115024 5e88baead30a2b62355049fa62f72ff9\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_s390.deb\n Size/MD5 checksum: 140560 ca6c5e78433107fea3a0c78000a1a4eb\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.1.14-5woody6_sparc.deb\n Size/MD5 checksum: 1844846 a537c47a07f07eb40e37b5cb5a93e33c\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.1.14-5woody6_sparc.deb\n Size/MD5 checksum: 70580 04163ae6f92eb9494a6778659f520d8d\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.1.14-5woody6_sparc.deb\n Size/MD5 checksum: 84012 eb292bf575b623e1b98a33e01db6f0d6\n http://security.debian.org/pool/updates/main/c/cupsys/cupsys-pstoraster_1.1.14-5woody6_sparc.deb\n Size/MD5 checksum: 2354384 d103635563e4a36830a91f46340fd14f\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.1.14-5woody6_sparc.deb\n Size/MD5 checksum: 120182 3e52cd974f9e51bc3013b565cf12ef35\n http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.1.14-5woody6_sparc.deb\n Size/MD5 checksum: 146496 8ee6bbaa97c04825178bfe7e7504bc4b\n\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n", "modified": "2004-09-15T00:00:00", "published": "2004-09-15T00:00:00", "id": "DEBIAN:DSA-545-1:3A381", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00148.html", "title": "[SECURITY] [DSA 545-1] New cupsys packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:36:39", "bulletinFamily": "unix", "description": "New CUPS packages are available for Slackware 9.1, 10.0, and -current to\nfix a denial of service issue where a malformed packet can crash the\nCUPS server.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558\n\nHere are the details from the Slackware 10.0 ChangeLog:\n\n\npatches/packages/cups-1.1.21-i486-1.tgz: Upgraded to cups-1.1.21.\n This fixes a flaw where a remote attacker can crash the CUPS\n server causing a denial of service.\n For more details, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/cups-1.1.21-i486-1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/cups-1.1.21-i486-1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/cups-1.1.21-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.1 package:\nb3f16be12546c626071281bc17e11739 cups-1.1.21-i486-1.tgz\n\nSlackware 10.0 package:\n6cca53545b2ea2d260a3ad4f55e22153 cups-1.1.21-i486-1.tgz\n\nSlackware -current package:\n01cc7de97fd7f6d51c3803b5c286dcff cups-1.1.21-i486-1.tgz\n\n\nInstallation instructions:\n\nFirst, if the CUPS server (cupsd) is running, stop it:\n. /etc/rc.d/rc.cups stop\n\nThen upgrade using upgradepkg (as root):\nupgradepkg cups-1.1.21-i486-1.tgz\n\nFinally, restart cupsd (if needed):\n. /etc/rc.d/rc.cups start", "modified": "2004-09-22T13:38:36", "published": "2004-09-22T13:38:36", "id": "SSA-2004-266-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.362106", "title": "CUPS DoS", "type": "slackware", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandrakelinux Security Update Advisory\r\n _______________________________________________________________________\r\n\r\n Package name: cups\r\n Advisory ID: MDKSA-2004:097\r\n Date: September 15th, 2004\r\n\r\n Affected versions: 10.0, 9.2, Corporate Server 2.1\r\n ______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Alvaro Martinez Echevarria discovered a vulnerability in the CUPS\r\n print server where an empty UDP datagram sent to port 631 &#40;the default\r\n port that cupsd listens to&#41; would disable browsing. This would\r\n prevent cupsd from seeing any remote printers or any future remote\r\n printer changes.\r\n \r\n The updated packages are patched to protect against this vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558\r\n http://www.cups.org/str.php?L863\r\n ______________________________________________________________________\r\n\r\n Updated Packages:\r\n \r\n Mandrakelinux 10.0:\r\n 6f786e3ec36e246d7370f492e53e8071 10.0/RPMS/cups-1.1.20-5.1.100mdk.i586.rpm\r\n 3b648685e2d6daca32c19f0c911c2a2d 10.0/RPMS/cups-common-1.1.20-5.1.100mdk.i586.rpm\r\n c38951a854429442227c08493ce95b10 10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.i586.rpm\r\n 68d867e3151cc40be946f7e6585718b3 10.0/RPMS/libcups2-1.1.20-5.1.100mdk.i586.rpm\r\n 73a61738b404f9ffe2f5d33d999c58d8 10.0/RPMS/libcups2-devel-1.1.20-5.1.100mdk.i586.rpm\r\n dbf32babe26d1b9bf922839fd4f64409 10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm\r\n\r\n Mandrakelinux 10.0/AMD64:\r\n 9dd4e92fa6761ce6414583f3673dab6b amd64/10.0/RPMS/cups-1.1.20-5.1.100mdk.amd64.rpm\r\n e49fdc4df0ab800ad48c24a87117a63f amd64/10.0/RPMS/cups-common-1.1.20-5.1.100mdk.amd64.rpm\r\n ccc5ae05b07c3a56eb30cfe3a95e2aea amd64/10.0/RPMS/cups-serial-1.1.20-5.1.100mdk.amd64.rpm\r\n a816a4ad33164d23d0a5425b900d9ce0 amd64/10.0/RPMS/lib64cups2-1.1.20-5.1.100mdk.amd64.rpm\r\n feeed14726902046368619d8e5f680c4 amd64/10.0/RPMS/lib64cups2-devel-1.1.20-5.1.100mdk.amd64.rpm\r\n dbf32babe26d1b9bf922839fd4f64409 amd64/10.0/SRPMS/cups-1.1.20-5.1.100mdk.src.rpm\r\n\r\n Corporate Server 2.1:\r\n 142f95c8680e081dfbfb53e586de0758 corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.i586.rpm\r\n 13510fb948f686e81cb0e43ed199a5c9 corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.i586.rpm\r\n fe7759d16276087aea078a4666d27264 corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.i586.rpm\r\n d5a3ad2d14a730b633153bc486f8d043 corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.i586.rpm\r\n b1ac7b51317da42444ea35e5e3e1def3 corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.i586.rpm\r\n 0cfaa49e8d722afad7886998121a8ef2 corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm\r\n\r\n Corporate Server 2.1/x86_64:\r\n 53d838ecedc3d39880e43476cdba933d x86_64/corporate/2.1/RPMS/cups-1.1.18-2.3.C21mdk.x86_64.rpm\r\n 71df87e1abeb7cbf1dff2d206476f149 x86_64/corporate/2.1/RPMS/cups-common-1.1.18-2.3.C21mdk.x86_64.rpm\r\n 93d9708fbbc34f7ea44b40f193a35bf1 x86_64/corporate/2.1/RPMS/cups-serial-1.1.18-2.3.C21mdk.x86_64.rpm\r\n 4a2d2ace8e2ddf9e29061fff3b0b2e72 x86_64/corporate/2.1/RPMS/libcups1-1.1.18-2.3.C21mdk.x86_64.rpm\r\n 7edc440141df40c2dbfb814c7221e511 x86_64/corporate/2.1/RPMS/libcups1-devel-1.1.18-2.3.C21mdk.x86_64.rpm\r\n 0cfaa49e8d722afad7886998121a8ef2 x86_64/corporate/2.1/SRPMS/cups-1.1.18-2.3.C21mdk.src.rpm\r\n\r\n Mandrakelinux 9.2:\r\n b46e23e49906b9837f8ff8a2f1551a1a 9.2/RPMS/cups-1.1.19-10.1.92mdk.i586.rpm\r\n 41882610ebe7ef19c62d0466a3b856bd 9.2/RPMS/cups-common-1.1.19-10.1.92mdk.i586.rpm\r\n 80285eaf595e788bf83cb06c3be6399b 9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.i586.rpm\r\n eeb50273236cab134566e4ba9aa19de7 9.2/RPMS/libcups2-1.1.19-10.1.92mdk.i586.rpm\r\n 9eebdc74a019cbf01a36e91cb0f2da38 9.2/RPMS/libcups2-devel-1.1.19-10.1.92mdk.i586.rpm\r\n b2badd330ea284850e42f9107bb178cf 9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm\r\n\r\n Mandrakelinux 9.2/AMD64:\r\n bd01da75ac66983321eca2394853eb56 amd64/9.2/RPMS/cups-1.1.19-10.1.92mdk.amd64.rpm\r\n 865443156fd350d0b06c1696f923d413 amd64/9.2/RPMS/cups-common-1.1.19-10.1.92mdk.amd64.rpm\r\n 78ed4c034ee5fa27b85dd89d909a1a3c amd64/9.2/RPMS/cups-serial-1.1.19-10.1.92mdk.amd64.rpm\r\n 7e868f59baa290fbef9f933ac76156ce amd64/9.2/RPMS/lib64cups2-1.1.19-10.1.92mdk.amd64.rpm\r\n db3266a647e39805f0b9f36fa87dcac1 amd64/9.2/RPMS/lib64cups2-devel-1.1.19-10.1.92mdk.amd64.rpm\r\n b2badd330ea284850e42f9107bb178cf amd64/9.2/SRPMS/cups-1.1.19-10.1.92mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrakeUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandrakesoft for security. You can obtain\r\n the GPG public key of the Mandrakelinux Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandrakelinux at:\r\n\r\n http://www.mandrakesoft.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_linux-mandrake.com\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team\r\n &lt;security linux-mandrake.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFBSJATmqjQ0CJFipgRAgi4AJ4hX3e+0849lql7lwNX37B6Wk3I8gCfceiU\r\nlMl3gN7n7Pvj20zxNFqdGtM=\r\n=5r+U\r\n-----END PGP SIGNATURE-----", "modified": "2004-09-16T00:00:00", "published": "2004-09-16T00:00:00", "id": "SECURITYVULNS:DOC:6819", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6819", "title": "MDKSA-2004:097 - Updated cups packages fix DoS vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:10", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandrakelinux Security Update Advisory\r\n _______________________________________________________________________\r\n\r\n Package name: printer-drivers\r\n Advisory ID: MDKSA-2004:094\r\n Date: September 15th, 2004\r\n\r\n Affected versions: 10.0, 9.2\r\n ______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n The foomatic-rip filter, which is part of foomatic-filters package,\r\n contains a vulnerability that allows anyone with access to CUPS, local\r\n or remote, to execute arbitrary commands on the server. The updated\r\n packages provide a fixed foomatic-rip filter that prevents this kind\r\n of abuse.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0801\r\n ______________________________________________________________________\r\n\r\n Updated Packages:\r\n \r\n Mandrakelinux 10.0:\r\n 5b60d06dd30d734ac047d3ee6f6dc772 10.0/RPMS/cups-drivers-1.1-138.2.100mdk.i586.rpm\r\n b054fe649f49aaf755d14b797b5b6601 10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.i586.rpm\r\n db087f03bd7c8725808e9b72ad328109 10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.i586.rpm\r\n bc8d8726f556bf49d28dac6d60131b96 10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.i586.rpm\r\n 36a87460cc5d6ea62a90b73536e904f2 10.0/RPMS/ghostscript-7.07-19.2.100mdk.i586.rpm\r\n dd3a8164ed4959f87d8a737f7bc84b01 10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.i586.rpm\r\n b584cf81006355ccd974cf8845c383ca 10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.i586.rpm\r\n 2a680b3686870b96498a6c2fb0aa684b 10.0/RPMS/libgimpprint1-4.2.7-2.2.100mdk.i586.rpm\r\n e116225a8e807e81e2f94bfa5bdfd2a8 10.0/RPMS/libgimpprint1-devel-4.2.7-2.2.100mdk.i586.rpm\r\n 0de919bcb4588874ce8937257af9c699 10.0/RPMS/libijs0-0.34-76.2.100mdk.i586.rpm\r\n 1b44c0ef21bea8d59ecba973b681f0c0 10.0/RPMS/libijs0-devel-0.34-76.2.100mdk.i586.rpm\r\n 152791cb0b54d88d66870dd190007709 10.0/RPMS/printer-filters-1.0-138.2.100mdk.i586.rpm\r\n 94849ae591daa6abb27c329262d34510 10.0/RPMS/printer-testpages-1.0-138.2.100mdk.i586.rpm\r\n 817bb3003924bda9143a4ba9fc41f07b 10.0/RPMS/printer-utils-1.0-138.2.100mdk.i586.rpm\r\n 252ce79ceeb44363fcca69e8fae3124f 10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm\r\n\r\n Mandrakelinux 10.0/AMD64:\r\n f77b65e84043e7e426127724e6c926fd amd64/10.0/RPMS/cups-drivers-1.1-138.2.100mdk.amd64.rpm\r\n 5f74d92859cd3423ffa69e88dfb397fb amd64/10.0/RPMS/foomatic-db-3.0.1-0.20040828.1.1.100mdk.amd64.rpm\r\n cbc7f870d50c30cdaaa3318ffd9f7cfa amd64/10.0/RPMS/foomatic-db-engine-3.0.1-0.20040828.1.1.100mdk.amd64.rpm\r\n 513edd72b47ea666813d98bf9572ae10 amd64/10.0/RPMS/foomatic-filters-3.0.1-0.20040828.1.1.100mdk.amd64.rpm\r\n 1656f00628486bddffefc924acdb4bfe amd64/10.0/RPMS/ghostscript-7.07-19.2.100mdk.amd64.rpm\r\n 4fbad78a6df7915e83d9cb20a6d59939 amd64/10.0/RPMS/ghostscript-module-X-7.07-19.2.100mdk.amd64.rpm\r\n ad6683d164413b5ca4571a40e78df9f3 amd64/10.0/RPMS/gimpprint-4.2.7-2.2.100mdk.amd64.rpm\r\n f9745491ae1a8f0634107cd7f41d76b2 amd64/10.0/RPMS/lib64gimpprint1-4.2.7-2.2.100mdk.amd64.rpm\r\n 0c7f9f7109ef86406c0d32191aa77fc2 amd64/10.0/RPMS/lib64gimpprint1-devel-4.2.7-2.2.100mdk.amd64.rpm\r\n d8b8c565cb72e876aceda04de4ad2832 amd64/10.0/RPMS/lib64ijs0-0.34-76.2.100mdk.amd64.rpm\r\n ed95b407652ab7064837399003bb9553 amd64/10.0/RPMS/lib64ijs0-devel-0.34-76.2.100mdk.amd64.rpm\r\n 462a427f75ccf5d024c793eb829ae025 amd64/10.0/RPMS/printer-filters-1.0-138.2.100mdk.amd64.rpm\r\n bcad49c7a9063a7856473b1ce969e36b amd64/10.0/RPMS/printer-testpages-1.0-138.2.100mdk.amd64.rpm\r\n 37339dff70409896959a6f4d4b8af1e7 amd64/10.0/RPMS/printer-utils-1.0-138.2.100mdk.amd64.rpm\r\n 252ce79ceeb44363fcca69e8fae3124f amd64/10.0/SRPMS/printer-drivers-1.0-138.2.100mdk.src.rpm\r\n\r\n Mandrakelinux 9.2:\r\n e46b265555a2075d363d746933e88870 9.2/RPMS/cups-drivers-1.1-116.1.92mdk.i586.rpm\r\n f2e8df86c2cc434c6b3a2d788b22069b 9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.i586.rpm\r\n 452cc2b7a3d3dfae90818f2c70112c75 9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.i586.rpm\r\n 4d3926f1a28c1d958e453d01a1708811 9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.i586.rpm\r\n b83e8b68601c4c576e4354229f541092 9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.i586.rpm\r\n ea2f04d7cb9a17ed26e5c0c71711c54c 9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.i586.rpm\r\n 488ad952dc1560ce2b2eba223f692ae1 9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.i586.rpm\r\n e491c8a7e4fc6edbf205c4539d50806d 9.2/RPMS/libgimpprint1-4.2.5-30.1.92mdk.i586.rpm\r\n 4e2d702a616369ef122b16a112923c3c 9.2/RPMS/libgimpprint1-devel-4.2.5-30.1.92mdk.i586.rpm\r\n f9a5f949e4342b550a52112aba77fdde 9.2/RPMS/libijs0-0.34-56.1.92mdk.i586.rpm\r\n 4bf9b3b6b6f210490dd74771f81929e8 9.2/RPMS/libijs0-devel-0.34-56.1.92mdk.i586.rpm\r\n b8145f433d635d70228438401fba14d2 9.2/RPMS/omni-0.7.2-32.1.92mdk.i586.rpm\r\n 43850e0a55dadfd65ddbfbf3a0234264 9.2/RPMS/printer-filters-1.0-116.1.92mdk.i586.rpm\r\n c5baf817bd47ba680733f87b546f0b2a 9.2/RPMS/printer-testpages-1.0-116.1.92mdk.i586.rpm\r\n 0e0de87f4facbb33d9716c22f6c53a0e 9.2/RPMS/printer-utils-1.0-116.1.92mdk.i586.rpm\r\n 3ac289d0ad9ccbae59ffbbff1d0ef6d0 9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm\r\n\r\n Mandrakelinux 9.2/AMD64:\r\n 3805d72ab483ca73c17ec668fcfea260 amd64/9.2/RPMS/cups-drivers-1.1-116.1.92mdk.amd64.rpm\r\n 4120e7ae8d18452e0d010d9f6dad68ab amd64/9.2/RPMS/foomatic-db-3.0-1.20030908.3.1.92mdk.amd64.rpm\r\n 541fb6b621453eb2f2eb4cd3cc66bdb6 amd64/9.2/RPMS/foomatic-db-engine-3.0-1.20030908.3.1.92mdk.amd64.rpm\r\n 120453007ef1d4e2201f47bc9b435b6f amd64/9.2/RPMS/foomatic-filters-3.0-1.20030908.3.1.92mdk.amd64.rpm\r\n ba54c898100a7e8f8a648ab6be4dff4a amd64/9.2/RPMS/ghostscript-7.07-0.12.1.92mdk.amd64.rpm\r\n 0088c1cad9cb1c5a3dcdfec551d1b436 amd64/9.2/RPMS/ghostscript-module-X-7.07-0.12.1.92mdk.amd64.rpm\r\n ef2d193c0209974f5dc519824d4ce6ef amd64/9.2/RPMS/gimpprint-4.2.5-30.1.92mdk.amd64.rpm\r\n 7e9d6e3afd9e6f55f518693d00da089a amd64/9.2/RPMS/lib64gimpprint1-4.2.5-30.1.92mdk.amd64.rpm\r\n b76c616669975e31b4c207edad6a64e2 amd64/9.2/RPMS/lib64gimpprint1-devel-4.2.5-30.1.92mdk.amd64.rpm\r\n f117b249358c122cd42c86ea0ba671f6 amd64/9.2/RPMS/lib64ijs0-0.34-56.1.92mdk.amd64.rpm\r\n 9ef6acb512d398a9e68fbc52436206ca amd64/9.2/RPMS/lib64ijs0-devel-0.34-56.1.92mdk.amd64.rpm\r\n 3cf204dea9e41a3c421e30b632ff620e amd64/9.2/RPMS/omni-0.7.2-32.1.92mdk.amd64.rpm\r\n ee634dcbe58b639f6573f4b1f735ef94 amd64/9.2/RPMS/printer-filters-1.0-116.1.92mdk.amd64.rpm\r\n a8ce95c71a3c7a1588168fe71c72aa3f amd64/9.2/RPMS/printer-testpages-1.0-116.1.92mdk.amd64.rpm\r\n 1953aeb5c4e92e4e2c991ffabb27bbea amd64/9.2/RPMS/printer-utils-1.0-116.1.92mdk.amd64.rpm\r\n 3ac289d0ad9ccbae59ffbbff1d0ef6d0 amd64/9.2/SRPMS/printer-drivers-1.0-116.1.92mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrakeUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandrakesoft for security. You can obtain\r\n the GPG public key of the Mandrakelinux Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandrakelinux at:\r\n\r\n http://www.mandrakesoft.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_linux-mandrake.com\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team\r\n &lt;security linux-mandrake.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFBSGpUmqjQ0CJFipgRApTFAJ9Dq19mr5vUI6oJakdt2k3/RnsECACfYSZx\r\n5Jwv6WsUJH/3Wj9tiua1Jy4=\r\n=uMtu\r\n-----END PGP SIGNATURE-----", "modified": "2004-09-16T00:00:00", "published": "2004-09-16T00:00:00", "id": "SECURITYVULNS:DOC:6820", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6820", "title": "MDKSA-2004:094 - Updated printer-drivers packages fix vulnerability in foomatic", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-02T23:36:57", "bulletinFamily": "exploit", "description": "CUPS 1.1.x UDP Packet Remote Denial Of Service Vulnerability. CVE-2004-0558. Dos exploit for linux platform", "modified": "2004-09-15T00:00:00", "published": "2004-09-15T00:00:00", "id": "EDB-ID:24599", "href": "https://www.exploit-db.com/exploits/24599/", "type": "exploitdb", "title": "CUPS 1.1.x UDP Packet Remote Denial of Service Vulnerability", "sourceData": "source: http://www.securityfocus.com/bid/11183/info\r\n\r\nCUPS is prone to a remotely exploitable denial of service vulnerability that may be triggered through port 631 by a zero-length UDP packet.\r\n\r\nnmap -sU -p 631 example.com", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/24599/"}], "redhat": [{"lastseen": "2019-08-13T18:45:08", "bulletinFamily": "unix", "description": "The Common UNIX Printing System (CUPS) is a print spooler.\n\nAlvaro Martinez Echevarria reported a bug in the CUPS Internet Printing\nProtocol (IPP) implementation in versions of CUPS prior to 1.1.21. An\nattacker could send a carefully crafted UDP packet to the IPP port which\ncould cause CUPS to stop listening to the port and result in a denial of\nservice. In order to exploit this bug, an attacker would need to have the\nability to send a UDP packet to the IPP port (by default 631). The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0558 to this issue.\n\nAll users of cups should upgrade to these updated packages, which contain a\nbackported patch as well as a fix for a non-exploitable off-by-one bug.", "modified": "2017-07-29T20:29:49", "published": "2004-09-15T04:00:00", "id": "RHSA-2004:449", "href": "https://access.redhat.com/errata/RHSA-2004:449", "type": "redhat", "title": "(RHSA-2004:449) cups security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:33", "bulletinFamily": "unix", "description": "### Background\n\nThe Common UNIX Printing System (CUPS) is a cross-platform print spooler. \n\n### Description\n\nAlvaro Martinez Echevarria discovered a hole in the CUPS Internet Printing Protocol (IPP) implementation that allows remote attackers to cause CUPS to stop listening on the IPP port. \n\n### Impact\n\nA remote user with malicious intent can easily cause a denial of service to the CUPS daemon by sending a specially-crafted UDP datagram packet to the IPP port. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll CUPS users should upgrade to the latest version: \n \n \n # emerge sync\n \n # emerge -pv \">=net-print/cups-1.1.20-r2\"\n # emerge \">=net-print/cups-1.1.20-r2\"", "modified": "2004-09-21T00:00:00", "published": "2004-09-20T00:00:00", "id": "GLSA-200409-25", "href": "https://security.gentoo.org/glsa/200409-25", "type": "gentoo", "title": "CUPS: Denial of service vulnerability", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:48", "bulletinFamily": "unix", "description": "### Background\n\nFoomatic is a system for connecting printer drivers with spooler systems such as CUPS and LPD. The foomatic-filters package contains wrapper scripts which are designed to be used with Foomatic. \n\n### Description\n\nThere is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. \n\n### Impact\n\nThis vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler (oftentimes the \"lp\" user). \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll foomatic users should upgrade to the latest version: \n \n \n # emerge sync\n \n # emerge -pv \">=net-print/foomatic-3.0.2\"\n # emerge \">=net-print/foomatic-3.0.2\"\n\nPLEASE NOTE: You should update foomatic, instead of foomatic-filters. This will help to ensure that all other foomatic components remain functional.", "modified": "2004-09-20T00:00:00", "published": "2004-09-20T00:00:00", "id": "GLSA-200409-24", "href": "https://security.gentoo.org/glsa/200409-24", "type": "gentoo", "title": "Foomatic: Arbitrary command execution in foomatic-rip filter", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T11:32:37", "bulletinFamily": "unix", "description": "A bug in cupsomatic/foomatic-filters that allowed remote printer users to execute arbitrary commands with the UID of the printer daemon has been fixed (CVE-2004-0801).\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2006-05-30T12:43:36", "published": "2006-05-30T12:43:36", "id": "SUSE-SA:2006:026", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-05/msg00016.html", "type": "suse", "title": "remote code execution in foomatic-filters", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:41:56", "bulletinFamily": "unix", "description": "The Common Unix Printing System (CUPS) enables local and remote users to obtain printing functionallity via the Internet Printing Protocol (IPP). Alvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive. Additionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups. It allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.\n#### Solution\nIf you use CUPS, we recommend an update in any case. Additionally the IPP port (TCP port 631) should be firewalled and the printing ACLs should be set up in a way to reflect the local security policy.", "modified": "2004-09-15T14:45:26", "published": "2004-09-15T14:45:26", "id": "SUSE-SA:2004:031", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-09/msg00010.html", "title": "remote code execution in cups", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}