CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
93.7%
The remote host is missing updates announced in
advisory RHSA-2009:1513.
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS pdftops filter converts Portable
Document Format (PDF) files to PostScript.
Two integer overflow flaws were found in the CUPS pdftops filter. An
attacker could create a malicious PDF file that would cause pdftops to
crash or, potentially, execute arbitrary code as the lp user if the file
was printed. (CVE-2009-3608, CVE-2009-3609)
Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608
issue.
Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.
# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.66018");
script_version("2024-03-21T05:06:54+0000");
script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
script_tag(name:"creation_date", value:"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)");
script_cve_id("CVE-2009-3608", "CVE-2009-3609");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("RedHat Security Advisory RHSA-2009:1513");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 E-Soft Inc.");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_5");
script_tag(name:"solution", value:"Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory RHSA-2009:1513.
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS pdftops filter converts Portable
Document Format (PDF) files to PostScript.
Two integer overflow flaws were found in the CUPS pdftops filter. An
attacker could create a malicious PDF file that would cause pdftops to
crash or, potentially, execute arbitrary code as the lp user if the file
was printed. (CVE-2009-3608, CVE-2009-3609)
Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608
issue.
Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"http://rhn.redhat.com/errata/RHSA-2009-1513.html");
script_xref(name:"URL", value:"http://www.redhat.com/security/updates/classification/#moderate");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.3.7~11.el5_4.3", rls:"RHENT_5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"cups-debuginfo", rpm:"cups-debuginfo~1.3.7~11.el5_4.3", rls:"RHENT_5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.3.7~11.el5_4.3", rls:"RHENT_5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"cups-lpd", rpm:"cups-lpd~1.3.7~11.el5_4.3", rls:"RHENT_5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.3.7~11.el5_4.3", rls:"RHENT_5")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}