(RHSA-2007:1023) Important: cups security update

2007-11-0700:00:00

access.redhat.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.205 Low

EPSS

Percentile

95.9%

JSON

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX® operating systems.

Alin Rad Pop discovered a flaw in the handling of PDF files. An attacker
could create a malicious PDF file that would cause CUPS to crash or
potentially execute arbitrary code when printed. (CVE-2007-5393)

Alin Rad Pop discovered a flaw in in the way CUPS handles certain IPP tags.
A remote attacker who is able to connect to the IPP TCP port could send a
malicious request causing the CUPS daemon to crash. (CVE-2007-4351)

A flaw was found in the way CUPS handled SSL negotiation. A remote attacker
capable of connecting to the CUPS daemon could cause CUPS to crash.
(CVE-2007-4045)

All CUPS users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyppc64cups-libs< 1.1.17-13.3.46cups-libs-1.1.17-13.3.46.ppc64.rpm
RedHatanyppccups< 1.1.17-13.3.46cups-1.1.17-13.3.46.ppc.rpm
RedHatanyppccups-libs< 1.1.17-13.3.46cups-libs-1.1.17-13.3.46.ppc.rpm
RedHatanyppccups-devel< 1.1.17-13.3.46cups-devel-1.1.17-13.3.46.ppc.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc64	cups-libs	< 1.1.17-13.3.46	cups-libs-1.1.17-13.3.46.ppc64.rpm
RedHat	any	ppc	cups	< 1.1.17-13.3.46	cups-1.1.17-13.3.46.ppc.rpm
RedHat	any	ppc	cups-libs	< 1.1.17-13.3.46	cups-libs-1.1.17-13.3.46.ppc.rpm
RedHat	any	ppc	cups-devel	< 1.1.17-13.3.46	cups-devel-1.1.17-13.3.46.ppc.rpm