Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2375
HistoryNov 02, 2007 - 12:00 a.m.

CUPS IPP标签远程栈溢出漏洞

2007-11-0200:00:00
Root
www.seebug.org
251

0.083 Low

EPSS

Percentile

93.7%

JSON

BUGTRAQ ID: 26268
CVE(CAN) ID: CVE-2007-4351

Common Unix Printing System (CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。

CUPS的cups/ipp.c文件中的ippReadIO()函数在处理IPP(Internet打印协议)标签时存在栈溢出漏洞,远程攻击者可能利用此漏洞控制服务器。

如果远程攻击者向打印服务发送了包含有特制textWithLanguage或nameWithLanguage标签的IPP请求的话,就可能导致用0覆盖栈上的一个字节,导致执行任意指令。

Easy Software Products CUPS 1.3.3
Easy Software Products CUPS 1.2.4
RedHat Enterprise Linux v.5 server
RedHat Enterprise Linux Desktop v.5 client
厂商补丁:

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2007:1020-01)以及相应补丁:
RHSA-2007:1020-01:Important: cups security and bug fix update
链接:<a href=“https://www.redhat.com/support/errata/RHSA-2007-1020.html” target=“_blank”>https://www.redhat.com/support/errata/RHSA-2007-1020.html</a>

Related

fedora 7
openvas 32
osv 1
nessus 23
cert 1
debiancve 1
prion 1
cve 1
centos 3
freebsd 1
securityvulns 1
ubuntu 1
gentoo 1
suse 1
veracode 1
redhat 3
ubuntucve 1
debian 1
slackware 1
cisco 1
oraclelinux 3
fedora
fedora
[SECURITY] Fedora Core 6 Update: cups-1.2.12-5.fc6
2007-11-05 14:52:16
[SECURITY] Fedora 7 Update: cups-1.2.12-6.fc7
2007-11-01 21:14:31
[SECURITY] Fedora 8 Update: cups-1.3.4-2.fc8
2007-11-08 06:03:28
openvas
openvas
Fedora Update for cups FEDORA-2007-740
2009-02-27 00:00:00
Gentoo Security Advisory GLSA 200711-16 (cups)
2008-09-24 00:00:00
FreeBSD Ports: cups-base
2008-09-04 00:00:00
osv
osv
cupsys - buffer overflow with arbitrary code execution
2007-11-18 00:00:00
nessus
nessus
CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow
2007-11-02 00:00:00
Fedora 7 : cups-1.2.12-6.fc7 (2007-2715)
2007-11-06 00:00:00
Mandrake Linux Security Advisory : cups (MDKSA-2007:204-1)
2007-11-02 00:00:00
cert
cert
CUPS buffer overflow vulnerability
2007-11-01 00:00:00
debiancve
debiancve
CVE-2007-4351
2007-10-31 22:46:00
prion
prion
Stack overflow
2007-10-31 22:46:00
cve
cve
CVE-2007-4351
2007-10-31 22:46:00
centos
centos
cups security update
2007-11-01 01:51:59
cups security update
2007-11-07 20:06:27
cups security update
2007-11-07 19:56:33
freebsd
freebsd
cups -- off-by-one buffer overflow
2007-11-06 00:00:00
securityvulns
securityvulns
Secunia Research: CUPS IPP Tags Memory Corruption Vulnerability
2007-10-31 00:00:00
ubuntu
ubuntu
CUPS vulnerability
2007-11-06 00:00:00
gentoo
gentoo
CUPS: Memory corruption
2007-11-12 00:00:00
suse
suse
remote code execution in cups
2007-10-31 16:30:43
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:19:37
redhat
redhat
(RHSA-2007:1020) Important: cups security and bug fix update
2007-10-31 00:00:00
(RHSA-2007:1023) Important: cups security update
2007-11-07 00:00:00
(RHSA-2007:1022) Important: cups security update
2007-11-07 00:00:00
ubuntucve
ubuntucve
CVE-2007-4351
2007-10-31 00:00:00
debian
debian
[SECURITY] [DSA 1407-1] New cupsys packages fix arbitrary code execution
2007-11-18 00:00:00
slackware
slackware
[slackware-security] cups
2007-11-02 04:49:01
cisco
cisco
Common UNIX Printing System IPP Tags Memory Corruption Vulnerability
2007-10-31 17:40:08
oraclelinux
oraclelinux
Important: cups security and bug fix update
2007-10-31 00:00:00
Important: cups security update
2007-11-07 00:00:00
Important: cups security update
2007-11-07 00:00:00

0.083 Low

EPSS

Percentile

93.7%

JSON
Related for SSV:2375
fedora7openvas32osv1nessus23cert1debiancve1prion1cve1centos3freebsd1securityvulns1ubuntu1gentoo1suse1veracode1redhat3ubuntucve1debian1slackware1cisco1oraclelinux3