High Nessus Plugin ID 14730
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups).
The Common Unix Printing System (CUPS) enables local and remote users to obtain printing functionallity via the Internet Printing Protocol (IPP).
Alvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive.
Additionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups.
It allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.