CUPS < 1.4.5 IPP Request Memory Corruption

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote print service is affected by a memory corruption
vulnerability.

Description :

According to its banner, the version of CUPS installed on the remote
host is earlier than 1.4.5.

There is an error in the memory allocation process for attribute
values that contain invalid string data types. This error resides in
the 'ipp.c' file and allows an attacker to craft malicious IPP
requests leading to application crashes or arbitrary code execution.
(STR #3648)

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=624438
http://cups.org/articles.php?L597

Solution :

Upgrade to CUPS version 1.4.5 or later.

Risk factor :

High / CVSS Base Score : 7.9
(CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 50844 ()

Bugtraq ID: 44530

CVE ID: CVE-2010-2941