Lucene search
SuseSUSE-SA:2008:015HistoryMar 19, 2008 - 10:07 a.m.
remote code execution in cups
2008-03-1910:07:43
lists.opensuse.org
17
0.855 High
EPSS
Percentile
98.2%
A heap-overflow in the cgiCompileSearch() function of cups could be exploited by remote attackers to execute arbitrary code. The vulnerable function is used by the web-interface which is only available remotely if the print server shares printers over the network.
Solution
There is no known workaround, please install the update packages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 10.2 | x86_64 | cups | <Β 1.2.7-12.13 | cups-1.2.7-12.13.x86_64.rpm |
| openSUSE | 10.3 | i586 | cups-client | <Β 1.2.12-22.11 | cups-client-1.2.12-22.11.i586.rpm |
| openSUSE | 10.2 | ppc | cups-client | <Β 1.2.7-12.13 | cups-client-1.2.7-12.13.ppc.rpm |
| openSUSE | 10.3 | ppc | cups-devel | <Β 1.2.12-22.11 | cups-devel-1.2.12-22.11.ppc.rpm |
| openSUSE | 10.2 | i586 | cups-libs | <Β 1.2.7-12.13 | cups-libs-1.2.7-12.13.i586.rpm |
| openSUSE | 10.3 | i586 | cups-devel | <Β 1.2.12-22.11 | cups-devel-1.2.12-22.11.i586.rpm |
| openSUSE | 10.3 | x86_64 | cups-libs | <Β 1.2.12-22.11 | cups-libs-1.2.12-22.11.x86_64.rpm |
| openSUSE | 10.2 | x86_64 | cups-libs-32bit | <Β 1.2.7-12.13 | cups-libs-32bit-1.2.7-12.13.x86_64.rpm |
| openSUSE | 10.2 | ppc | cups | <Β 1.2.7-12.13 | cups-1.2.7-12.13.ppc.rpm |
| openSUSE | 10.3 | x86_64 | cups-devel | <Β 1.2.12-22.11 | cups-devel-1.2.12-22.11.x86_64.rpm |
Related
prion
prion
Heap overflow
2008-03-18 23:44:00
checkpoint_advisories
checkpoint_advisories
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:33
securityvulns
securityvulns
iDefense Security Advisory 03.18.08: Multiple Vendor CUPS CGI Heap Overflow Vulnerability
2008-03-19 00:00:00
CUPS print system buffer overflow
2008-03-19 00:00:00
[USN-598-1] CUPS vulnerabilities
2008-04-03 00:00:00
openvas
openvas
SuSE Update for cups SUSE-SA:2008:015
2009-01-23 00:00:00
Cups < 1.3.8 vulnerability
2008-06-17 00:00:00
Slackware Advisory SSA:2008-094-01 cups
2012-09-11 00:00:00
nessus
nessus
openSUSE 10 Security Update : cups (cups-5076)
2008-03-19 00:00:00
Slackware 12.0 / current : cups (SSA:2008-094-01)
2008-04-04 00:00:00
Fedora 8 : cups-1.3.6-4.fc8 (2008-2131)
2008-04-11 00:00:00
ubuntucve
ubuntucve
CVE-2008-0047
2008-03-18 00:00:00
seebug
seebug
CUPS CGIζ₯ε£θΏη¨ε ζΊ’εΊζΌζ΄
2008-03-20 00:00:00
cve
cve
CVE-2008-0047
2008-03-18 23:44:00
debiancve
debiancve
CVE-2008-0047
2008-03-18 23:44:00
slackware
slackware
[slackware-security] cups
2008-04-03 07:53:48
debian
debian
[SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities
2008-03-25 15:11:39
[SECURITY] [DSA 1530-1] New cupsys packages fix multiple vulnerabilities
2008-03-25 15:10:49
osv
osv
cupsys - multiple vulnerabilities
2008-03-25 00:00:00
redhat
redhat
(RHSA-2008:0192) Moderate: cups security update
2008-04-01 00:00:00
centos
centos
cups security update
2008-04-02 10:39:09
oraclelinux
oraclelinux
cups security update
2008-04-01 00:00:00
ubuntu
ubuntu
CUPS vulnerabilities
2008-04-02 00:00:00
gentoo
gentoo
CUPS: Multiple vulnerabilities
2008-04-01 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: cups-1.3.6-4.fc8
2008-04-09 05:13:24
[SECURITY] Fedora 8 Update: cups-1.3.7-2.fc8
2008-05-10 13:54:12
[SECURITY] Fedora 7 Update: cups-1.2.12-10.fc7
2008-04-09 05:14:39