Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : cupsys vulnerabilities (USN-598-1)

Ubuntu Security Notice (C) 2008-2016 Canonical, Inc. / NASL script (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

It was discovered that the CUPS administration interface contained a
heap- based overflow flaw. A local attacker, and a remote attacker if
printer sharing is enabled, could send a malicious request and
possibly execute arbitrary code as the non-root user in Ubuntu 6.06
LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be isolated by
the AppArmor CUPS profile. (CVE-2008-0047)

It was discovered that the hpgl filter in CUPS did not properly
validate its input when parsing parameters. If a crafted HP-GL/2 file
were printed, an attacker could possibly execute arbitrary code as the
non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10,
attackers would be isolated by the AppArmor CUPS profile.
(CVE-2008-0053)

It was discovered that CUPS had a flaw in its managing of remote
shared printers via IPP. A remote attacker could send a crafted UDP
packet and cause a denial of service or possibly execute arbitrary
code as the non-root user in Ubuntu 6.06 LTS, 6.10, and 7.04. In
Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile.
(CVE-2008-0882)

It was discovered that CUPS did not properly perform bounds checking
in its GIF decoding routines. If a crafted GIF file were printed, an
attacker could possibly execute arbitrary code as the non-root user in
Ubuntu 6.06 LTS, 6.10, and 7.04. In Ubuntu 7.10, attackers would be
isolated by the AppArmor CUPS profile. (CVE-2008-1373).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 31785 ()

Bugtraq ID: 27906
28307
28334
28544

CVE ID: CVE-2008-0047
CVE-2008-0053
CVE-2008-0882
CVE-2008-1373