Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : cups, cupsys vulnerabilities (USN-707-1)

Ubuntu Security Notice (C) 2009-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related
patches.

Description :

It was discovered that CUPS didn't properly handle adding a large
number of RSS subscriptions. A local user could exploit this and cause
CUPS to crash, leading to a denial of service. This issue only applied
to Ubuntu 7.10, 8.04 LTS and 8.10. (CVE-2008-5183)

It was discovered that CUPS did not authenticate users when adding and
cancelling RSS subscriptions. An unprivileged local user could bypass
intended restrictions and add a large number of RSS subscriptions.
This issue only applied to Ubuntu 7.10 and 8.04 LTS. (CVE-2008-5184)

It was discovered that the PNG filter in CUPS did not properly handle
certain malformed images. If a user or automated system were tricked
into opening a crafted PNG image file, a remote attacker could cause a
denial of service or execute arbitrary code with user privileges. In
Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the
AppArmor CUPS profile. (CVE-2008-5286)

It was discovered that the example pstopdf CUPS filter created log
files in an insecure way. Local users could exploit a race condition
to create or overwrite files with the privileges of the user invoking
the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and
8.04 LTS. (CVE-2008-5377).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 38132 ()

Bugtraq ID: 32419
32518

CVE ID: CVE-2008-5183
CVE-2008-5184
CVE-2008-5286
CVE-2008-5377

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial