CUPS cups/ipp.c ippReadIO Function IPP Tag Handling Overflow
Critical Nessus Plugin ID 27608
The remote printer service is prone to a buffer overflow attack.
According to its banner, the version of CUPS installed on the remote host fails to check the text-length field in the 'ippReadIO()' function in 'cups/ipp.c'. Using a specially crafted request with an IPP (Internet Printing Protocol) tag such as 'textWithLanguage' or 'nameWithLanguage' and an overly large text-length value, a remote attacker may be able to leverage this issue to execute arbitrary code on the affected system.