SynopsisThe remote printer service is affected by multiple vulnerabilities.
DescriptionAccording to its banner, the version of CUPS installed on the remote host is affected by several issues :
- A buffer overflow exists in 'cgiCompileSearch' that could lead to arbitrary code execution (STR #2729).
- A GIF image filter overflow exists involving 'code_size' value from a user-supplied GIF image used in 'gif_read_lzw' (STR #2765).
- A temporary file with Samba credentials may be left behind by cupsaddsmb if no Windows drivers were installed (STR #2779).
SolutionUpgrade to CUPS version 1.3.7 or later.