5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.07 Low
EPSS
Percentile
93.3%
The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The Internet Printing Protocol (IPP) allows
users to print and manage printing-related tasks over a network.
A NULL pointer dereference flaw was found in the CUPS IPP routine, used for
processing incoming IPP requests for the CUPS scheduler. An attacker could
use this flaw to send specially-crafted IPP requests that would crash the
cupsd daemon. (CVE-2009-0949)
Red Hat would like to thank Anibal Sacco from Core Security Technologies
for reporting this issue.
Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the cupsd daemon will be restarted automatically.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | s390x | cups-devel | < 1.3.7-8.el5_3.6 | cups-devel-1.3.7-8.el5_3.6.s390x.rpm |
RedHat | 5 | ppc | cups-libs | < 1.3.7-8.el5_3.6 | cups-libs-1.3.7-8.el5_3.6.ppc.rpm |
RedHat | 5 | ppc64 | cups-libs | < 1.3.7-8.el5_3.6 | cups-libs-1.3.7-8.el5_3.6.ppc64.rpm |
RedHat | 5 | x86_64 | cups | < 1.3.7-8.el5_3.6 | cups-1.3.7-8.el5_3.6.x86_64.rpm |
RedHat | 5 | s390x | cups-lpd | < 1.3.7-8.el5_3.6 | cups-lpd-1.3.7-8.el5_3.6.s390x.rpm |
RedHat | 5 | s390 | cups-devel | < 1.3.7-8.el5_3.6 | cups-devel-1.3.7-8.el5_3.6.s390.rpm |
RedHat | 5 | src | cups | < 1.3.7-8.el5_3.6 | cups-1.3.7-8.el5_3.6.src.rpm |
RedHat | 5 | s390x | cups-libs | < 1.3.7-8.el5_3.6 | cups-libs-1.3.7-8.el5_3.6.s390x.rpm |
RedHat | 5 | ppc64 | cups-devel | < 1.3.7-8.el5_3.6 | cups-devel-1.3.7-8.el5_3.6.ppc64.rpm |
RedHat | 5 | x86_64 | cups-lpd | < 1.3.7-8.el5_3.6 | cups-lpd-1.3.7-8.el5_3.6.x86_64.rpm |