SUSE-SA:2004:031: cups

High Nessus Plugin ID 14730


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2004:031 (cups).

The Common Unix Printing System (CUPS) enables local and remote users to obtain printing functionallity via the Internet Printing Protocol (IPP).
Alvaro Martinez Echevarria has found a remote Denial of Service condition within CUPS which allows remote users to make the cups server unresponsive.
Additionally the SUSE Security Team has discovered a flaw in the foomatic-rip print filter which is commonly installed along with cups.
It allows remote attackers, which are listed in the printing ACLs, to execute arbitrary commands as the printing user 'lp'.


Plugin Details

Severity: High

ID: 14730

File Name: suse_SA_2004_031.nasl

Version: $Revision: 1.10 $

Agent: unix

Published: 2004/09/15

Modified: 2010/10/06

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2004-0558, CVE-2004-0801

BID: 11183, 11184