CUPS < 1.3.6 process_browse_data() Function Double Free DoS

Low Nessus Plugin ID 31131


The remote printer service is prone to a denial of service attack.


According to its banner, the version of CUPS installed on the remote host contains a double free error in its 'process_browse_data' function when deleting the mime type entry for a remote printer that is being polled. An attacker may be able to leverage this issue to crash the affected service by deleting a printer under his control and then recreating it as a class.

Third-party researchers suggest this vulnerability can be used to execute arbitrary code.


Upgrade to CUPS version 1.3.6 or later.

See Also

Plugin Details

Severity: Low

ID: 31131

File Name: cups_1_3_6.nasl

Version: $Revision: 1.17 $

Type: remote

Family: Misc.

Published: 2008/02/21

Modified: 2016/05/04

Dependencies: 10107, 29727

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 2.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:apple:cups

Required KB Items: www/cups, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-0882

BID: 27906

OSVDB: 42030

Secunia: 28994

CWE: 119