Mandrake Linux Security Advisory : cups (MDKSA-2003:062)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A Denial of Service (DoS) vulnerability was discovered in the CUPS
printing system by Phil D'Amore of Red Hat. The IPP (Internet Printing
Protocol) that CUPS uses is single-threaded and can only service one
request at a time. A malicious user could create a partial request
that does not time out and cause a Denial of Service condition where
CUPS will not respond to other printing requests. This can only be
done if the malicious user can create a TCP connection to the IPP port
(631 by default).

This vulnerability has been fixed upstream in CUPS 1.1.19 and packages
of previous versions have been fixed to correct the problem.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14045 (mandrake_MDKSA-2003-062.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0195

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now