Lucene search
RootSSV:5079HistoryApr 21, 2009 - 12:00 a.m.
CUPS '_cupsImageReadTIFF()'整数溢出漏洞
2009-04-2100:00:00
Root
www.seebug.org
48
0.022 Low
EPSS
Percentile
88.2%
BUGTRAQ ID: 34571
CVE ID:CVE-2009-0163
CNCVE ID:CNCVE-20090163
Common Unix Printing System(CUPS)是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。
CUPS处理TIFF图像存在整数溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。
当解析TIFF文件时,_cupsImageReadTIFF()函数没有正确验证来自文件爱你的’height’值,此值用于算术计算来决定动态堆缓冲区大小,通过提供超大值,可导致触发堆的缓冲区溢出,可能以应用程序权限执行任意指令。
Easy Software Products CUPS 1.3.9
Easy Software Products CUPS 1.3.8
Easy Software Products CUPS 1.3.7
Easy Software Products CUPS 1.3.6
Easy Software Products CUPS 1.3.5
Easy Software Products CUPS 1.3.3
Easy Software Products CUPS 1.3.2
Easy Software Products CUPS 1.2.12
Easy Software Products CUPS 1.2.10
Easy Software Products CUPS 1.2.9
Easy Software Products CUPS 1.2.8
Easy Software Products CUPS 1.2.4
Easy Software Products CUPS 1.2.2
Easy Software Products CUPS 1.1.23 rc1
- Gentoo Linux
Easy Software Products CUPS 1.1.23 - Gentoo Linux
Easy Software Products CUPS 1.1.22 rc1
Easy Software Products CUPS 1.1.22
Easy Software Products CUPS 1.1.21 - MandrakeSoft Linux Mandrake 10.1 x86_64
- MandrakeSoft Linux Mandrake 10.1
Easy Software Products CUPS 1.1.20 - ALT Linux ALT Linux Compact 2.3
- ALT Linux ALT Linux Junior 2.3
- Gentoo Linux 1.4 _rc3
- Gentoo Linux 1.4 _rc2
- Gentoo Linux 1.4 _rc1
- MandrakeSoft apcupsd 2006.0
- MandrakeSoft Linux Mandrake 10.0 AMD64
- MandrakeSoft Linux Mandrake 10.0
- S.u.S.E. Linux Personal 9.1
- Ubuntu Ubuntu Linux 4.1 ppc
- Ubuntu Ubuntu Linux 4.1 ia64
- Ubuntu Ubuntu Linux 4.1 ia32
Easy Software Products CUPS 1.1.19 rc5
Easy Software Products CUPS 1.1.19 - MandrakeSoft Linux Mandrake 9.2 amd64
- MandrakeSoft Linux Mandrake 9.2
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server Hosting Edition 1.0
- Turbolinux Appliance Server Workgroup Edition 1.0
- Turbolinux Home
- Turbolinux Turbolinux Desktop 10.0
- Turbolinux Turbolinux Server 8.0
- Turbolinux Turbolinux Workstation 8.0
Easy Software Products CUPS 1.1.18 - Conectiva Linux 9.0
- MandrakeSoft Corporate Server 2.1 x86_64
- MandrakeSoft Corporate Server 2.1
- MandrakeSoft Linux Mandrake 9.0
- MandrakeSoft Multi Network Firewall 2.0
- S.u.S.E. Linux Personal 8.2
Easy Software Products CUPS 1.1.17 - RedHat Desktop 3.0
- RedHat Enterprise Linux AS 3
- RedHat Enterprise Linux ES 3
- RedHat Enterprise Linux WS 3
Easy Software Products CUPS 1.1.16 - MandrakeSoft Linux Mandrake 9.0
Easy Software Products CUPS 1.1.15 - Conectiva Linux Enterprise Edition 1.0
- S.u.S.E. Linux 8.1
Easy Software Products CUPS 1.1.14 - Conectiva Linux 8.0
- Debian Linux 3.0 sparc
- Debian Linux 3.0 s/390
- Debian Linux 3.0 ppc
- Debian Linux 3.0 mipsel
- Debian Linux 3.0 mips
- Debian Linux 3.0 m68k
- Debian Linux 3.0 ia-64
- Debian Linux 3.0 ia-32
- Debian Linux 3.0 hppa
- Debian Linux 3.0 arm
- Debian Linux 3.0 alpha
- Debian Linux 3.0
- MandrakeSoft Linux Mandrake 8.2 ppc
- MandrakeSoft Linux Mandrake 8.2
Easy Software Products CUPS 1.1.13
Easy Software Products CUPS 1.1.12 - S.u.S.E. Linux 8.0 i386
- S.u.S.E. Linux 8.0
Easy Software Products CUPS 1.1.10 - Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Workstation 3.1.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- MandrakeSoft Linux Mandrake 8.1 ia64
- MandrakeSoft Linux Mandrake 8.1
- S.u.S.E. Linux 7.3 sparc
- S.u.S.E. Linux 7.3 ppc
- S.u.S.E. Linux 7.3 i386
Easy Software Products CUPS 1.1.7
Easy Software Products CUPS 1.1.6 - Caldera OpenLinux Server 3.1
- Caldera OpenLinux Workstation 3.1
- MandrakeSoft Linux Mandrake 8.0 ppc
- MandrakeSoft Linux Mandrake 8.0
- S.u.S.E. Linux 7.2 i386
- S.u.S.E. Linux 7.1 x86
- S.u.S.E. Linux 7.1 sparc
- S.u.S.E. Linux 7.1 ppc
- S.u.S.E. Linux 7.1 alpha
Easy Software Products CUPS 1.1.4 -5
Easy Software Products CUPS 1.1.4 -3 - MandrakeSoft Linux Mandrake 7.2
Easy Software Products CUPS 1.1.4 -2 - Debian Linux 2.3
Easy Software Products CUPS 1.1.4 - Debian Linux 2.3
- MandrakeSoft Linux Mandrake 7.2
Easy Software Products CUPS 1.1.1 - RedHat PowerTools 7.0
Easy Software Products CUPS 1.0.4 -8 - Debian Linux 2.2
Easy Software Products CUPS 1.0.4 - Debian Linux 2.2
DrPhibez and Nitro187 Guild FTPD 1.1.19 rc5
可参考如下补丁信息:
Easy Software Products CUPS 1.0.4 -8
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.0.4
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.1
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.10
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.12
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.13
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.14
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.15
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.16
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.17
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.18
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
DrPhibez and Nitro187 Guild FTPD 1.1.19 rc5
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.19
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.19 rc5
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.20
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.21
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.22 rc1
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.22
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.23 rc1
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.23
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.4 -5
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.4 -2
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.4 -3
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.4
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.6
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.1.7
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.2.10
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.2.12
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.2.2
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.2.4
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.2.8
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.2.9
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.2
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.3
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.5
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.6
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.7
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.8
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Easy Software Products CUPS 1.3.9
Easy Software Products str3031.patch
<a href=“http://www.cups.org/strfiles/3031/str3031.patch” target=“_blank”>http://www.cups.org/strfiles/3031/str3031.patch</a>
Related
nessus
nessus
SuSE 11 Security Update : CUPS (SAT Patch Number 790)
2009-09-24 00:00:00
RHEL 3 : cups (RHSA-2009:0428)
2009-04-17 00:00:00
openSUSE Security Update : cups (cups-784)
2009-07-21 00:00:00
openvas
openvas
Debian Security Advisory DSA 1773-1 (cups)
2009-04-20 00:00:00
Debian: Security Advisory (DSA-1773-1)
2009-04-20 00:00:00
Ubuntu USN-760-1 (cupsys)
2009-04-20 00:00:00
redhat
redhat
(RHSA-2009:0428) Moderate: cups security update
2009-04-16 00:00:00
(RHSA-2009:0429) Important: cups security update
2009-04-16 00:00:00
cve
cve
CVE-2009-0163
2009-04-23 17:30:00
centos
centos
cups security update
2009-04-17 12:50:01
cups security update
2009-04-17 13:26:01
ubuntu
ubuntu
CUPS vulnerability
2009-04-16 00:00:00
debian
debian
[SECURITY] [DSA 1773-1] New cups packages fix arbitrary code execution
2009-04-17 02:53:46
ubuntucve
ubuntucve
CVE-2009-0163
2009-04-23 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:37:38
prion
prion
Integer overflow
2009-04-23 17:30:00
seebug
seebug
CUPS _cupsImageReadTIFF()函数整数溢出漏洞
2009-04-18 00:00:00
debiancve
debiancve
CVE-2009-0163
2009-04-23 17:30:00
oraclelinux
oraclelinux
cups security update
2009-04-16 00:00:00
cups security update
2009-04-16 00:00:00
osv
osv
cups cupsys - arbitrary code execution
2009-04-17 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: cups-1.4.2-7.fc11
2009-12-01 04:19:25
[SECURITY] Fedora 11 Update: cups-1.4.2-26.fc11
2010-03-13 02:30:06
[SECURITY] Fedora 10 Update: cups-1.3.10-1.fc10
2009-04-22 00:50:31
slackware
slackware
cups
2009-04-26 15:50:34
securityvulns
securityvulns
rPSA-2009-0061-1 cups
2009-04-18 00:00:00
CUPS multipls security vulnerabilities
2009-04-18 00:00:00
[ MDVSA-2009:283 ] cups
2009-10-20 00:00:00
freebsd
freebsd
cups -- remote code execution and DNS rebinding
2009-05-05 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2009-04-23 00:00:00
suse
suse
remote code execution in cups
2009-04-22 16:34:36