CUPS < 1.3.6 process_browse_data() Function Double Free DoS

This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.

Synopsis :

The remote printer service is prone to a denial of service attack.

Description :

According to its banner, the version of CUPS installed on the remote
host contains a double free error in its 'process_browse_data'
function when deleting the mime type entry for a remote printer that
is being polled. An attacker may be able to leverage this issue to
crash the affected service by deleting a printer under his control and
then recreating it as a class.

Third-party researchers suggest this vulnerability can be used to
execute arbitrary code.

See also :

Solution :

Upgrade to CUPS version 1.3.6 or later.

Risk factor :

Low / CVSS Base Score : 2.6
CVSS Temporal Score : 1.9
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 31131 (cups_1_3_6.nasl)

Bugtraq ID: 27906

CVE ID: CVE-2008-0882