exploits , vulnerabilities , articles , CUPS Multiple Heap Based Buffer Overflow Vulnerabilities

Title	CUPS Multiple Heap Based Buffer Overflow Vulnerabilities
Published	2008-10-09-12:00AM
Updated	2008-10-10-06:57PM
Class	Boundary Condition Error
CVE
Remote	Yes
Local	No
Credit	regenrecht working with iDefense
Vulnerable	RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux 5 server RedHat Desktop 4.0 RedHat Desktop 3.0 Easy Software Products CUPS 1.3.7 Easy Software Products CUPS 1.3.6 Easy Software Products CUPS 1.3.5 Easy Software Products CUPS 1.3.3 Easy Software Products CUPS 1.3.2 Easy Software Products CUPS 1.2.12 Easy Software Products CUPS 1.2.10 Easy Software Products CUPS 1.2.9 Easy Software Products CUPS 1.2.8 Easy Software Products CUPS 1.2.4 Easy Software Products CUPS 1.2.2 Easy Software Products CUPS 1.1.23 rc1 Gentoo Linux Easy Software Products CUPS 1.1.23 Gentoo Linux Easy Software Products CUPS 1.1.22 rc1 Easy Software Products CUPS 1.1.22 Easy Software Products CUPS 1.1.21 MandrakeSoft Linux Mandrake 10.1 x86_64 MandrakeSoft Linux Mandrake 10.1 Easy Software Products CUPS 1.1.20 ALT Linux ALT Linux Compact 2.3 ALT Linux ALT Linux Junior 2.3 Gentoo Linux 1.4 _rc3 Gentoo Linux 1.4 _rc2 Gentoo Linux 1.4 _rc1 MandrakeSoft apcupsd 2006.0 MandrakeSoft Linux Mandrake 10.0 AMD64 MandrakeSoft Linux Mandrake 10.0 S.u.S.E. Linux Personal 9.1 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Easy Software Products CUPS 1.1.19 rc5 Easy Software Products CUPS 1.1.19 MandrakeSoft Linux Mandrake 9.2 amd64 MandrakeSoft Linux Mandrake 9.2 Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Home Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Workstation 8.0 Easy Software Products CUPS 1.1.18 Conectiva Linux 9.0 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 MandrakeSoft Linux Mandrake 9.0 MandrakeSoft Multi Network Firewall 2.0 S.u.S.E. Linux Personal 8.2 Easy Software Products CUPS 1.1.17 RedHat Desktop 3.0 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux WS 3 Easy Software Products CUPS 1.1.16 MandrakeSoft Linux Mandrake 9.0 Easy Software Products CUPS 1.1.15 Conectiva Linux Enterprise Edition 1.0 S.u.S.E. Linux 8.1 Easy Software Products CUPS 1.1.14 Conectiva Linux 8.0 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 MandrakeSoft Linux Mandrake 8.2 ppc MandrakeSoft Linux Mandrake 8.2 Easy Software Products CUPS 1.1.13 Easy Software Products CUPS 1.1.12 S.u.S.E. Linux 8.0 i386 S.u.S.E. Linux 8.0 Easy Software Products CUPS 1.1.10 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1.1 Conectiva Linux 7.0 Conectiva Linux 6.0 MandrakeSoft Linux Mandrake 8.1 ia64 MandrakeSoft Linux Mandrake 8.1 S.u.S.E. Linux 7.3 sparc S.u.S.E. Linux 7.3 ppc S.u.S.E. Linux 7.3 i386 Easy Software Products CUPS 1.1.7 Easy Software Products CUPS 1.1.6 Caldera OpenLinux Server 3.1 Caldera OpenLinux Workstation 3.1 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.0 S.u.S.E. Linux 7.2 i386 S.u.S.E. Linux 7.1 x86 S.u.S.E. Linux 7.1 sparc S.u.S.E. Linux 7.1 ppc S.u.S.E. Linux 7.1 alpha Easy Software Products CUPS 1.1.4 5 Easy Software Products CUPS 1.1.4 3 MandrakeSoft Linux Mandrake 7.2 Easy Software Products CUPS 1.1.4 2 Debian Linux 2.3 Easy Software Products CUPS 1.1.4 Debian Linux 2.3 MandrakeSoft Linux Mandrake 7.2 Easy Software Products CUPS 1.1.1 RedHat PowerTools 7.0 Easy Software Products CUPS 1.0.4 8 Debian Linux 2.2 Easy Software Products CUPS 1.0.4 Debian Linux 2.2 DrPhibez and Nitro187 Guild FTPD 1.1.19 rc5
Not Vulnerable	Easy Software Products CUPS 1.3.9
Code	Reportedly, iDefense developed a working exploit for one of the issues. This exploit is not otherwise publicly available or known to be circulating in the wild.
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-11-22 KVIrc URI Handler Remote Command Execution Vulnerability
• 2008-11-22 NVIDIA Cg Toolkit Installer Insecure Temporary File Creation Vulnerability
• 2008-11-22 TkUsr Insecure Temporary File Creation Vulnerability
• 2008-11-21 TAU Tuning and Analysis Utilities Insecure Temporary File Creation Vulnerabilities
• 2008-11-21 Maildirsync Insecure Temporary File Creation Vulnerability
• 2008-11-21 TkMan Insecure Temporary File Creation Vulnerability
• 2008-11-21 Apple iPhone Configuration Web Utility for Windows Directory Traversal Vulnerability
• 2008-11-21 Cisco IOS and CatOS VLAN Trunking Protocol Packet Handling Denial Of Service Vulnerability
• 2008-11-21 vBulletin Visitor Messages Addon Comment Notification HTML Injection Vulnerability
• 2008-11-21 Apple Mac OS X CoreGraphics Multiple Memory Corruption Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Sun, 23 Nov 2008 08:53:11 +0000