Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:850017HistoryJan 23, 2009 - 12:00 a.m.
SuSE Update for cups SUSE-SA:2008:020
2009-01-2300:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
6
0.954 High
EPSS
Percentile
99.2%
Check for the Version of cups
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_suse_2008_020.nasl 8050 2017-12-08 09:34:29Z santu $
#
# SuSE Update for cups SUSE-SA:2008:020
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Two security issues were fixed in the CUPS printing system, which
could be used by an attacker to crash CUPS or to potentially execute
malicious code.
- specially crafted GIF files could cause a buffer overflow in the
printer filter for image files CVE-2008-1373.
- specially crafted files could cause a buffer overflow in the HP-GL/2
printer filter CVE-2008-0053.";
tag_impact = "remote code execution";
tag_affected = "cups on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SuSE Linux Enterprise Server 8, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_id(850017);
script_version("$Revision: 8050 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $");
script_tag(name:"creation_date", value:"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "SUSE-SA", value: "2008-020");
script_cve_id("CVE-2008-0053", "CVE-2008-1373");
script_name( "SuSE Update for cups SUSE-SA:2008:020");
script_summary("Check for the Version of cups");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "openSUSE10.3")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.2.12~22.13", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.2.12~22.13", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.2.12~22.13", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.2.12~22.13", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.2.12~22.13", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "openSUSE10.2")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.2.7~12.15", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.2.7~12.15", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.2.7~12.15", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.2.7~12.15", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.2.7~12.15", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "NLPOS9")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.50", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.50", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.50", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.50", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "OES")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.50", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.50", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.50", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.50", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLES9")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.50", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.50", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.50", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.50", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "LES10SP1")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.41", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.41", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.41", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.41", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.41", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "NLDk9")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.50", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.50", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.50", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.50", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLESDk10SP1")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.41", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.41", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.41", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.41", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.41", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SL10.1")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.41", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.41", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.41", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.41", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
References
Related
nessus
nessus
SuSE9 Security Update : CUPS (YOU Patch Number 12117)
2009-09-24 00:00:00
openSUSE 10 Security Update : cups (cups-5117)
2008-04-04 00:00:00
SuSE 10 Security Update : CUPS (ZYPP Patch Number 5115)
2008-04-04 00:00:00
suse
suse
remote code execution in cups
2008-04-04 16:22:43
openvas
openvas
SLES9: Security update for CUPS
2009-10-10 00:00:00
SLES10: Security update for CUPS
2009-10-13 00:00:00
SLES9: Security update for CUPS
2009-10-10 00:00:00
oraclelinux
oraclelinux
cups security update
2008-04-01 00:00:00
cups security update
2008-04-01 00:00:00
debian
debian
[SECURITY] [DSA 1625-1] New cupsys packages fix arbitrary code execution
2008-08-01 07:52:16
redhat
redhat
(RHSA-2008:0192) Moderate: cups security update
2008-04-01 00:00:00
(RHSA-2008:0206) Moderate: cups security update
2008-04-01 00:00:00
centos
centos
cups security update
2008-04-02 10:39:09
cups security update
2008-04-01 17:06:38
osv
osv
cupsys - arbitrary code execution
2008-08-01 00:00:00
securityvulns
securityvulns
[USN-598-1] CUPS vulnerabilities
2008-04-03 00:00:00
CUPS code execution with GIF files
2008-04-03 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2008-04-02 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2008-04-01 00:00:00
seebug
seebug
CUPS gif_read_lzw()函数GIF文件处理缓冲区溢出漏洞
2008-04-03 00:00:00
Apple Mac OS X 2008-002更新修复多个安全漏洞
2008-03-20 00:00:00
checkpoint_advisories
checkpoint_advisories
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:34
Arbitrary Code Execution
2020-04-10 00:20:33
prion
prion
Buffer overflow
2008-03-18 23:44:00
Buffer overflow
2008-04-04 00:44:00
ubuntucve
ubuntucve
CVE-2008-0053
2008-03-18 00:00:00
CVE-2008-1373
2008-04-04 00:00:00
cvelist
cvelist
CVE-2008-0053
2008-03-18 23:00:00
CVE-2008-1373
2008-04-04 00:00:00
cve
cve
CVE-2008-0053
2008-03-18 23:44:00
CVE-2008-1373
2008-04-04 00:44:00
debiancve
debiancve
CVE-2008-0053
2008-03-18 23:44:00
CVE-2008-1373
2008-04-04 00:44:00
slackware
slackware
[slackware-security] cups
2008-04-03 07:53:48
fedora
fedora
[SECURITY] Fedora 7 Update: cups-1.2.12-10.fc7
2008-04-09 05:14:39
[SECURITY] Fedora 7 Update: cups-1.2.12-11.fc7
2008-05-10 13:55:52
[SECURITY] Fedora 9 Update: cups-1.3.9-1.fc9
2008-10-16 02:08:34