FreeBSD : cups -- multiple vulnerabilities (ce29ce1d-971a-11dd-ab7e-001c2514716c)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The release note of cups 1.3.9 reports :

It contains the following fixes :

- SECURITY: The HP-GL/2 filter did not range check pen numbers (STR
#2911)

- SECURITY: The SGI image file reader did not range check 16-bit run
lengths (STR #2918)

- SECURITY: The text filter did not range check cpi, lpi, or column
values (STR #2919)

Exploitation of this vulnerability results in the execution of
arbitrary code with the privileges of the affected service.

See also :

http://www.nessus.org/u?97a982ac

Solution :

Update the affected package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 34391 (freebsd_pkg_ce29ce1d971a11ddab7e001c2514716c.nasl)

Bugtraq ID:

CVE ID: CVE-2008-3639
CVE-2008-3640
CVE-2008-3641

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now