Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-563-1: CUPS vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-563-1: CUPS vulnerabilities
# 1  
Old 01-09-2008
USN-563-1: CUPS vulnerabilities
Referenced CVEs:
CVE-2007-5849, CVE-2007-6358


Description:
=========================================================== Ubuntu Security Notice USN-563-1 January 09, 2008cupsys vulnerabilitiesCVE-2007-5849, CVE-2007-6358===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.6Ubuntu 6.10: cupsys 1.2.4-2ubuntu3.2Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.2Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.3In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Wei Wang discovered that the SNMP discovery backend did not correctlycalculate the length of strings. If a user were tricked into scanningfor printers, a remote attacker could send a specially crafted packetand possibly execute arbitrary code.Elias Pipping discovered that temporary files were not handled safelyin certain situations when converting PDF to PS. A local attacker couldcause a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT PHP

cupsd

cupsd(8)							    Apple Inc.								  cupsd(8)

NAME

       cupsd - cups scheduler

SYNOPSIS

       cupsd [ -c config-file ] [ -f ] [ -F ] [ -h ] [ -l ] [ -t ]

DESCRIPTION

       cupsd is the scheduler for CUPS. It implements a printing system based upon the Internet Printing Protocol, version 2.1.  If no options are
       specified on the command-line then the default configuration file /etc/cups/cupsd.conf will be used.

OPTIONS

       -c config-file
	    Uses the named configuration file.

       -f
	    Run cupsd in the foreground; the default is to run in the background as a "daemon".

       -F
	    Run cupsd in the foreground but detach the process from the controlling terminal and current directory. This  is  useful  for  running
	    cupsd from init(8).

       -h
	    Shows the program usage.

       -l
	    This option is passed to cupsd when it is run from launchd(8).

       -t
	    Test the configuration file for syntax errors.

COMPATIBILITY

       cupsd implements all of the required IPP/2.1 attributes and operations. It also implements several CUPS-specific administration operations.

SEE ALSO

       backend(7),   classes.conf(5),	cups-deviced(8),   cups-driverd(8),  cups-lpd(8),  cups-polld(8),  cupsd.conf(5),  filter(7),  launchd(8),
       mime.convs(5), mime.types(5), printers.conf(5),
       http://localhost:631/help

COPYRIGHT

       Copyright 2007-2011 by Apple Inc.

9 March 2009							       CUPS								  cupsd(8)