This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote printer service is affected by multiple vulnerabilities.
According to its banner, the version of CUPS installed on the remote
host is earlier than 1.3.10. Such versions are affected by several
- A potential integer overflow in the PNG image validation
code in '_cupsImageReadPNG()' could allow an attacker to
crash the affected service or possibly execute arbitrary
code. (STR #2974)
- A heap-based integer overflow exists in
'_cupsImageReadTIFF()' due to a failure to properly
validate the image height of a specially crafted TIFF
file, which can be leveraged to execute arbitrary code.
- The web interface may be vulnerable to DNS rebinding
attacks due to a failure to validate the HTTP Host
header in incoming requests. (STR #3118)
- A heap-based buffer overflow in pdftops allows remote
attackers to execute arbitrary code via a PDF file with
crafted JBIG2 symbol dictionary segments.
- Flawed 'ip' structure initialization in the function
'ippReadIO()' could allow an anonymous remote attacker
to crash the application via a malicious IPP request
packet with two consecutives IPP_TAG_UNSUPPORTED tags.
See also :
Upgrade to CUPS version 1.3.10 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true