CUPS < 1.4.5 IPP Request Memory Corruption

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote print service is affected by a memory corruption

Description :

According to its banner, the version of CUPS installed on the remote
host is earlier than 1.4.5.

There is an error in the memory allocation process for attribute
values that contain invalid string data types. This error resides in
the 'ipp.c' file and allows an attacker to craft malicious IPP
requests leading to application crashes or arbitrary code execution.
(STR #3648)

See also :

Solution :

Upgrade to CUPS version 1.4.5 or later.

Risk factor :

High / CVSS Base Score : 7.9
CVSS Temporal Score : 5.8
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 50844 ()

Bugtraq ID: 44530

CVE ID: CVE-2010-2941