This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
An out-of-bounds read flaw was found in the way the
process_browse_data() function of cups-browsed handled certain browse
packets. A remote attacker could send a specially crafted browse
packet that, when processed by cups- browsed, would crash the
cups-browsed daemon. (CVE-2014-4337)
A flaw was found in the way the cups-browsed daemon interpreted the
'BrowseAllow' directive in the cups-browsed.conf file. An attacker
able to add a malformed 'BrowseAllow' directive to the
cups-browsed.conf file could use this flaw to bypass intended access
After installing this update, the cups-browsed daemon will be
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 4.3