SUSE-SA:2004:031: cups

This script is Copyright (C) 2004-2010 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups).


The Common Unix Printing System (CUPS) enables local and remote users to
obtain printing functionallity via the Internet Printing Protocol (IPP).
Alvaro Martinez Echevarria has found a remote Denial of Service condition
within CUPS which allows remote users to make the cups server unresponsive.
Additionally the SUSE Security Team has discovered a flaw in the
foomatic-rip print filter which is commonly installed along with cups.
It allows remote attackers, which are listed in the printing ACLs, to
execute arbitrary commands as the printing user 'lp'.

Solution :

http://www.suse.de/security/2004_31_cups.html

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: SuSE Local Security Checks

Nessus Plugin ID: 14730 ()

Bugtraq ID: 11183
11184

CVE ID: CVE-2004-0558
CVE-2004-0801

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now